Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/12/07 6:5 a.m.14 views

CVE-2025-13922

The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'existingtermsorderby' parameter in the AI preview AJAX endpoint in all versions up to, and including, 3.40.1. This is due to insufficient escaping on...

6.5CVSS6.6AI score0.00254EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/06 6:30 a.m.7 views

EUVD-2025-201512

The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'existingtermsorderby' parameter in the AI preview AJAX endpoint in all versions up to, and including, 3.40.1. This is due to insufficient escaping on...

6.5CVSS6.1AI score0.00254EPSS
Exploits0References5
NVD
NVD
added 2025/12/06 5:16 a.m.5 views

CVE-2025-13922

The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'existingtermsorderby' parameter in the AI preview AJAX endpoint in all versions up to, and including, 3.40.1. This is due to insufficient escaping on...

6.5CVSS0.00254EPSS
Exploits0References5
CVE
CVE
added 2025/12/06 4:37 a.m.14 views

CVE-2025-13922

CVE-2025-13922 affects Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI (WordPress plugin). Time-based blind SQL Injection via the existing_terms_orderby parameter in the AI preview AJAX endpoint allows authenticated contributors (with AI metabox permissions) to append SQL queries,...

6.5CVSS6.2AI score0.00254EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/12/06 4:37 a.m.3 views

CVE-2025-13922 Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI <= 3.40.1 - Authenticated (Contributor+) SQL Injection via ORDER BY Clause

The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'existingtermsorderby' parameter in the AI preview AJAX endpoint in all versions up to, and including, 3.40.1. This is due to insufficient escaping on...

6.5CVSS6.2AI score0.00254EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/12/06 4:37 a.m.16 views

CVE-2025-13922 Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI <= 3.40.1 - Authenticated (Contributor+) SQL Injection via ORDER BY Clause

The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'existingtermsorderby' parameter in the AI preview AJAX endpoint in all versions up to, and including, 3.40.1. This is due to insufficient escaping on...

6.5CVSS0.00254EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/12/06 12:0 a.m.6 views

PT-2025-49327

The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'existing terms orderby' parameter in the AI preview AJAX endpoint in all versions up to, and including, 3.40.1. This is due to insufficient escaping on...

6.5CVSS6.6AI score0.00254EPSS
Exploits0References5
Rows per page
Query Builder