Lucene search
K

12 matches found

Nuclei
Nuclei
added 20 hours ago45 views

JoomSport <= 5.7.7 - SQL Injection

The JoomSport WordPress plugin through 5.7.7 is vulnerable to unauthenticated time-based blind SQL injection via the 'sortf' GET parameter in the player list view. The parameter value is backtick-wrapped and directly concatenated into an ORDER BY clause. id: CVE-2026-42647 info: name: JoomSport =...

9.3CVSS6AI score0.01323EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/06/11 9:4 p.m.8 views

CVE-2026-42647 WordPress JoomSport plugin <= 5.7.7 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Beardev JoomSport allows Blind SQL Injection. This issue affects JoomSport: from n/a through 5.7.7...

9.3CVSS5.6AI score0.01323EPSS
Exploits1References1
CVE
CVE
added 2026/05/13 5:29 a.m.17 views

CVE-2026-6929

The CVE pertains to the JoomSport WordPress plugin (Team & League, Football, Hockey & more). Affected versions are up to and including 5.7.7, with a time-based blind SQL Injection via the sortf parameter caused by insufficient escaping and inadequate preparation of the SQL query. The vulnerabilit...

7.5CVSS5.9AI score0.00322EPSS
Exploits0References6
NVD
NVD
added 2026/01/05 5:15 p.m.6 views

CVE-2025-39484

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Waituk Entrada allows SQL Injection.This issue affects Entrada: from n/a through 5.7.7...

9.3CVSS0.00241EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/05 1:29 p.m.7 views

EUVD-2023-55630

Unrestricted Upload of File with Dangerous Type vulnerability in Meow Apps Media File Renamer allows Using Malicious Files.This issue affects Media File Renamer: from n/a through 5.7.7...

9.1CVSS8.9AI score0.00282EPSS
Exploits0References2
Circl
Circl
added 2026/01/01 12:36 a.m.7 views

CVE-2025-67705

creationtimestamp| type| source ---|---|--- 2026-01-01 00:36:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mbd56v7z2r2c 2026-01-02 18:51:10+00:00| seen| Telegram/jewkuyTggD2PWaKrabPFdcCxroyUzLRM-AR1O-LdmNxSvc...

6.1CVSS5.8AI score0.00193EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/27 2:7 a.m.2 views

CVE-2025-58918 WordPress Entrada theme <= 5.7.7 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Waituk Entrada theme allows Cross Site Request Forgery.This issue affects Entrada: from n/a through 5.7.7...

4.3CVSS6.5AI score0.00113EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/27 2:7 a.m.4 views

EUVD-2025-36062

Cross-Site Request Forgery CSRF vulnerability in Waituk Entrada theme allows Cross Site Request Forgery.This issue affects Entrada: from n/a through 5.7.7...

4.3CVSS6.3AI score0.00113EPSS
Exploits0References2
CVE
CVE
added 2025/10/27 2:7 a.m.8 views

CVE-2025-58918

CVE-2025-58918 – CSRF in Waituk Entrada Theme (WordPress) A Cross-Site Request Forgery vulnerability affects the Waituk Entrada WordPress theme (versions up to and including 5.7.7). The issue is documented across multiple sources (NVD/Red Hat/CIRCL/CVEs list) with the same description. No exploit...

4.3CVSS5.1AI score0.00113EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.5 views

WordPress plugin Entrada 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

4.3CVSS6.4AI score0.00113EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.5 views

PT-2025-43864

Name of the Vulnerable Software and Affected Versions Waituk Entrada theme versions through 5.7.7 Description A Cross-Site Request Forgery CSRF issue exists in the Waituk Entrada theme. This allows attackers to perform actions on behalf of authenticated users without their knowledge. The...

4.3CVSS6.4AI score0.00113EPSS
Exploits0References3
OSV
OSV
added 2022/01/05 7:15 p.m.5 views

CVE-2022-21651 Open redirect in shopware

Shopware is an open source e-commerce software platform. An open redirect vulnerability has been discovered. Users may be arbitrary redirected due to incomplete URL handling in the shopware router. This issue has been resolved in version 5.7.7. There is no workaround and users are advised to...

6.8CVSS7AI score0.00774EPSS
Exploits0References5
Rows per page
Query Builder