5 matches found
EUVD-2025-31211
Malicious code in bioql PyPI...
CVE-2025-10036
The Featured Image from URL FIFU plugin for WordPress is vulnerable to SQL Injection via the getallurls function in all versions up to, and including, 5.2.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
CVE-2025-10036
The Featured Image from URL FIFU plugin for WordPress is vulnerable to SQL Injection via the getallurls function in all versions up to, and including, 5.2.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
CVE-2025-10036
The FIFU (Featured Image from URL) WordPress plugin is affected by an authenticated SQL Injection vulnerability in get_all_urls() for versions up to and including 5.2.7. An Administrator+ attacker can inject additional SQL into existing queries to exfiltrate data. Patch information from connected...
CVE-2025-10036 Featured Image from URL (FIFU) <= 5.2.7 - Authenticated (Admin+) SQL Injection
The Featured Image from URL FIFU plugin for WordPress is vulnerable to SQL Injection via the getallurls function in all versions up to, and including, 5.2.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...