Lucene search
K

4 matches found

NVD
NVD
added 9 hours ago7 views

CVE-2026-6230

The Tainacan plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'geoquery' parameter in all versions up to and including 1.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

7.5CVSS
Exploits0References2
CVE
CVE
added 10 hours ago10 views

CVE-2026-6230

The CVE-2026-6230 entry concerns the Tainacan WordPress plugin vulnerable to a time-based blind SQL Injection via the REST API parameter 'geoquery' in all versions up to 1.0.3. Root cause is insufficient escaping of the user-supplied parameter and inadequate preparation of the existing SQL query,...

7.5CVSS6AI score
Exploits0References2
Cvelist
Cvelist
added 10 hours ago6 views

CVE-2026-6230 Tainacan <= 1.0.3 - Unauthenticated SQL Injection via 'geoquery' REST API Parameter

The Tainacan plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'geoquery' parameter in all versions up to and including 1.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

7.5CVSS
Exploits0References2
EUVD
EUVD
added 10 hours ago3 views

EUVD-2026-42215

The Tainacan plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'geoquery' parameter in all versions up to and including 1.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

7.5CVSS6AI score
Exploits0References2
Rows per page
Query Builder