12 matches found
JoomSport <= 5.7.7 - SQL Injection
The JoomSport WordPress plugin through 5.7.7 is vulnerable to unauthenticated time-based blind SQL injection via the 'sortf' GET parameter in the player list view. The parameter value is backtick-wrapped and directly concatenated into an ORDER BY clause. id: CVE-2026-42647 info: name: JoomSport =...
CVE-2026-42647 WordPress JoomSport plugin <= 5.7.7 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Beardev JoomSport allows Blind SQL Injection. This issue affects JoomSport: from n/a through 5.7.7...
CVE-2026-6929
The CVE pertains to the JoomSport WordPress plugin (Team & League, Football, Hockey & more). Affected versions are up to and including 5.7.7, with a time-based blind SQL Injection via the sortf parameter caused by insufficient escaping and inadequate preparation of the SQL query. The vulnerabilit...
CVE-2025-39484
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Waituk Entrada allows SQL Injection.This issue affects Entrada: from n/a through 5.7.7...
EUVD-2023-55630
Unrestricted Upload of File with Dangerous Type vulnerability in Meow Apps Media File Renamer allows Using Malicious Files.This issue affects Media File Renamer: from n/a through 5.7.7...
CVE-2025-67705
creationtimestamp| type| source ---|---|--- 2026-01-01 00:36:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mbd56v7z2r2c 2026-01-02 18:51:10+00:00| seen| Telegram/jewkuyTggD2PWaKrabPFdcCxroyUzLRM-AR1O-LdmNxSvc...
CVE-2025-58918 WordPress Entrada theme <= 5.7.7 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Waituk Entrada theme allows Cross Site Request Forgery.This issue affects Entrada: from n/a through 5.7.7...
EUVD-2025-36062
Cross-Site Request Forgery CSRF vulnerability in Waituk Entrada theme allows Cross Site Request Forgery.This issue affects Entrada: from n/a through 5.7.7...
CVE-2025-58918
CVE-2025-58918 – CSRF in Waituk Entrada Theme (WordPress) A Cross-Site Request Forgery vulnerability affects the Waituk Entrada WordPress theme (versions up to and including 5.7.7). The issue is documented across multiple sources (NVD/Red Hat/CIRCL/CVEs list) with the same description. No exploit...
WordPress plugin Entrada 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...
PT-2025-43864
Name of the Vulnerable Software and Affected Versions Waituk Entrada theme versions through 5.7.7 Description A Cross-Site Request Forgery CSRF issue exists in the Waituk Entrada theme. This allows attackers to perform actions on behalf of authenticated users without their knowledge. The...
CVE-2022-21651 Open redirect in shopware
Shopware is an open source e-commerce software platform. An open redirect vulnerability has been discovered. Users may be arbitrary redirected due to incomplete URL handling in the shopware router. This issue has been resolved in version 5.7.7. There is no workaround and users are advised to...