WordPress Tax Service Electronic HDM plugin <= 1.2.0 - Unauthenticated Arbitrary SQL Injection vulnerability

Unauthenticated Arbitrary SQL Injection vulnerability discovered by Khaled Alenazi Nxploited in WordPress Plugin TAX SERVICE Electronic HDM versions = 1.2.0...

CVE-2025-12061

The TAX SERVICE Electronic HDM WordPress plugin before 1.2.1 does not authorization and CSRF checks in an AJAX action, allowing unauthenticated users to import and execute arbitrary SQL statements...

CVE-2025-12061 Tax Service Electronic HDM < 1.2.1 - Unauthenticated Arbitrary SQL Execution

The TAX SERVICE Electronic HDM WordPress plugin before 1.2.1 does not authorization and CSRF checks in an AJAX action, allowing unauthenticated users to import and execute arbitrary SQL statements...

CVE-2025-12061

The CVE-2025-12061 entry concerns the TAX SERVICE Electronic HDM WordPress plugin prior to 1.2.1. Concretely, the vulnerability is a lack of authorization and CSRF checks in an AJAX action, enabling unauthenticated users to import and execute arbitrary SQL statements. This affects plugin versions...

WordPress plugin TAX SERVICE Electronic HDM 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A lack of authorization vulnerability exists in WordPress TAX SERVICE Electronic HDM, which stems from a lack of authorization and CSRF checks in AJAX operations. An attacker...

PT-2025-48130

Name of the Vulnerable Software and Affected Versions TAX SERVICE Electronic HDM WordPress plugin versions prior to 1.2.1 Description The TAX SERVICE Electronic HDM WordPress plugin does not perform authorization and Cross-Site Request Forgery CSRF checks in an AJAX action. This allows...

CVE-2024-54261

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in HK Digital Agency LLC TAX SERVICE Electronic HDM virtual-hdm-for-taxservice-am allows SQL Injection.This issue affects TAX SERVICE Electronic HDM: from n/a through = 1.2.2...

CVE-2024-54261 WordPress TAX SERVICE Electronic HDM plugin <= 1.2.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in HK Digital Agency LLC TAX SERVICE Electronic HDM virtual-hdm-for-taxservice-am allows SQL Injection.This issue affects TAX SERVICE Electronic HDM: from n/a through = 1.2.2...

CVE-2024-54261

CVE-2024-54261 is a SQL Injection vulnerability affecting the WordPress plugin TAX SERVICE Electronic HDM (HK Digital Agency LLC) with affected versions from n/a up to 1.1.2. Public sources indicate a patched version release to address this issue (e.g., WordPress CVE entry and Patchstack referenc...

CVE-2024-54261 WordPress TAX SERVICE Electronic HDM plugin <= 1.2.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in HK Digital Agency LLC TAX SERVICE Electronic HDM virtual-hdm-for-taxservice-am allows SQL Injection.This issue affects TAX SERVICE Electronic HDM: from n/a through = 1.2.2...

WordPress plugin TAX SERVICE Electronic HDM SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability...

WordPress TAX SERVICE Electronic HDM plugin <= 1.2.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by stealthcopter in WordPress Plugin TAX SERVICE Electronic HDM versions = 1.2.2...