EUVD-2025-27075

Malicious code in bioql PyPI...

ELEX WooCommerce WordPress Plugin 1.4.3 - SQL Injection

/ Exploit Title : ELEX WooCommerce WordPress Plugin 1.4.3 - SQL Injection Author : Byte Reaper Cve id : CVE-2025-10046 Service : plugin wordpress Plugin : ELEX WooCommerce Google Shopping Version : 1.4.3 Type : SQL injection Parameter injection : filetodelete Location file :...

CVE-2025-10046

The ELEX WooCommerce Google Shopping Google Product Feed plugin for WordPress is vulnerable to SQL Injection via the 'filetodelete' parameter in all versions up to, and including, 1.4.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...

Exploit for CVE-2025-10046

CVE-2025-10046 - ELEX WooCommerce Google Shopping Author: By...

CVE-2025-10046

The ELEX WooCommerce Google Shopping Google Product Feed plugin for WordPress is vulnerable to SQL Injection via the 'filetodelete' parameter in all versions up to, and including, 1.4.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...

CVE-2025-10046 ELEX WooCommerce Google Shopping (Google Product Feed) <= 1.4.3 - Authenticated (Admin+) SQL Inejction

The ELEX WooCommerce Google Shopping Google Product Feed plugin for WordPress is vulnerable to SQL Injection via the 'filetodelete' parameter in all versions up to, and including, 1.4.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...

CVE-2025-10046

The CVE-2025-10046 issue affects the WordPress plugin ELEX WooCommerce Google Shopping (Google Product Feed) up to version 1.4.3. The vulnerability resides in includes/elex-manage-feed-ajax.php where the file_to_delete parameter is not properly sanitized and the SQL query is not prepared, allowin...

CVE-2025-10046 ELEX WooCommerce Google Shopping (Google Product Feed) <= 1.4.3 - Authenticated (Admin+) SQL Inejction

The ELEX WooCommerce Google Shopping Google Product Feed plugin for WordPress is vulnerable to SQL Injection via the 'filetodelete' parameter in all versions up to, and including, 1.4.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...

WordPress ELEX WooCommerce Google Shopping (Google Product Feed) plugin <= 1.4.3 - Authenticated (Admin+) SQL Inejction vulnerability

Authenticated Admin+ SQL Inejction vulnerability discovered by dutafi in WordPress Plugin ELEX WooCommerce Google Shopping versions = 1.4.3...

WordPress plugin ELEX WooCommerce Google Shopping SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

PT-2025-36366

Name of the Vulnerable Software and Affected Versions: ELEX WooCommerce Google Shopping plugin for WordPress versions up to and including 1.4.3 Description: The ELEX WooCommerce Google Shopping plugin for WordPress is susceptible to SQL Injection through the file to delete parameter. Insufficient...

CVE-2024-12159 Optimize Your Campaigns – Google Shopping – Google Ads – Google Adwords <= 3.1 - Information Exposure

The Optimize Your Campaigns – Google Shopping – Google Ads – Google Adwords plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.1 due to the printphpinformation.php being publicly accessible. This makes it possible for unauthenticated attackers to...

CVE-2024-12159

The CVE-2024-12159 entry concerns the WordPress plugin “Optimize Your Campaigns – Google Shopping – Google Ads – Google Adwords” (Muzaara AdWords Optimize Dashboard) with information exposure in versions up to 3.1. The issue stems from the public accessibility of print_php_information.php, allowi...

PT-2025-1767 · Google · Optimize Your Campaigns – Google Shopping – Google Ads – Google Adwords Plugin For Wordpress

Name of the Vulnerable Software and Affected Versions: Optimize Your Campaigns – Google Shopping – Google Ads – Google Adwords plugin for WordPress versions up to, and including, 3.1 Description: The issue is related to the public accessibility of the print php information.php file, which allows...

CVE-2024-34993

In the module "Bulk Export products to Google Merchant-Google Shopping" bagoogleshopping up to version 1.0.26 from Buy Addons for PrestaShop, a guest can perform SQL injection viaGenerateCategories::renderCategories...

PrestaShop Security Breach

PrestaShop is an open source e-commerce solution from the American company PrestaShop. The solution provides multiple payment methods, short message alerts and product image zoom. PrestaShop Bulk Export products to Google Merchant - A security vulnerability exists in Google Shopping version 1.0.2...

CVE-2024-34993

In the module "Bulk Export products to Google Merchant-Google Shopping" bagoogleshopping up to version 1.0.26 from Buy Addons for PrestaShop, a guest can perform SQL injection viaGenerateCategories::renderCategories...

WordPress Sync WooCommerce Product feed to Google Shopping plugin SQL注入漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress Sync WooCommerce Product feed to Google Shopping plugin has a SQL injection vulnerability The vulnerability stems from the...

CVE-2021-25068

The Sync WooCommerce Product feed to Google Shopping WordPress plugin through 1.2.4 uses the 'feedid' POST parameter which is not properly sanitized for use in a SQL statement, leading to a SQL injection vulnerability in the admin dashboard...

CVE-2021-25068

The Sync WooCommerce Product feed to Google Shopping WordPress plugin through 1.2.4 uses the 'feedid' POST parameter which is not properly sanitized for use in a SQL statement, leading to a SQL injection vulnerability in the admin dashboard...