7 matches found
CVE-2025-13922
The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'existingtermsorderby' parameter in the AI preview AJAX endpoint in all versions up to, and including, 3.40.1. This is due to insufficient escaping on...
EUVD-2025-201512
The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'existingtermsorderby' parameter in the AI preview AJAX endpoint in all versions up to, and including, 3.40.1. This is due to insufficient escaping on...
CVE-2025-13922
The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'existingtermsorderby' parameter in the AI preview AJAX endpoint in all versions up to, and including, 3.40.1. This is due to insufficient escaping on...
CVE-2025-13922
CVE-2025-13922 affects Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI (WordPress plugin). Time-based blind SQL Injection via the existing_terms_orderby parameter in the AI preview AJAX endpoint allows authenticated contributors (with AI metabox permissions) to append SQL queries,...
CVE-2025-13922 Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI <= 3.40.1 - Authenticated (Contributor+) SQL Injection via ORDER BY Clause
The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'existingtermsorderby' parameter in the AI preview AJAX endpoint in all versions up to, and including, 3.40.1. This is due to insufficient escaping on...
CVE-2025-13922 Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI <= 3.40.1 - Authenticated (Contributor+) SQL Injection via ORDER BY Clause
The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'existingtermsorderby' parameter in the AI preview AJAX endpoint in all versions up to, and including, 3.40.1. This is due to insufficient escaping on...
PT-2025-49327
The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'existing terms orderby' parameter in the AI preview AJAX endpoint in all versions up to, and including, 3.40.1. This is due to insufficient escaping on...