CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The JiangQie Official Website Mini Program WordPress plugin before 1.1.1 does not escape or validate the id GET parameter before using it in SQL statements, leading to SQL injection issues...

8.8CVSS7.6AI score0.00582EPSS

Exploits2References1

RedhatCVE•added 2025/03/26 2:27 p.m.•5 views

CVE-2025-30604

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in jiangqie JiangQie Official Website Mini Program jiangqie-official-website-mini-program allows Blind SQL Injection.This issue affects JiangQie Official Website Mini Program: from n/a through = 1.8.2...

7.6CVSS7.3AI score0.00054EPSS

Exploits0References1

NVD•added 2025/03/24 2:15 p.m.•7 views

CVE-2025-30604

7.6CVSS0.00054EPSS

Exploits0References1

CVE•added 2025/03/24 1:47 p.m.•57 views

CVE-2025-30604

CVE-2025-30604 affects JiangQie Official Website Mini Program (ZhuiGe Official Website Mini Program in EUVD context). Reported as an SQL Injection vulnerability (blind SQLi) in the Mini Program component, with affected versions ranging up to 1.8.2. The connected EUVD entry confirms the issue is p...

7.6CVSS7.3AI score0.00054EPSS

Exploits0References1

Cvelist•added 2025/03/24 1:47 p.m.•14 views

CVE-2025-30604 WordPress JiangQie Official Website Mini Program plugin <= 1.8.2 - SQL Injection Vulnerability

7.6CVSS0.00054EPSS

Exploits0References1

Vulnrichment•added 2025/03/24 1:47 p.m.•5 views

CVE-2025-30604 WordPress JiangQie Official Website Mini Program plugin <= 1.8.2 - SQL Injection Vulnerability

7.6CVSS7.4AI score0.00054EPSS

Exploits0References1

Patchstack•added 2025/03/24 1:3 p.m.•4 views

WordPress JiangQie Official Website Mini Program plugin <= 1.8.2 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by kuteminh11 - VNPT Cyber Immunity in WordPress Plugin JiangQie Official Website Mini Program versions = 1.8.2...

7.6CVSS8AI score0.00054EPSS

Exploits0Affected Software1

CNNVD•added 2025/03/24 12:0 a.m.•2 views

WordPress plugin JiangQie Official Website Mini Program SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A SQL injection vulnerability exists in...

7.6CVSS8.9AI score0.00054EPSS

Exploits0References1

NVD•added 2024/10/17 6:15 p.m.•9 views

CVE-2024-49314

Unrestricted Upload of File with Dangerous Type vulnerability in jiangqie JiangQie Free Mini Program jiangqie-free-mini-program allows Upload a Web Shell to a Web Server.This issue affects JiangQie Free Mini Program: from n/a through = 2.5.2...

10CVSS0.01096EPSS

Exploits0References1

Cvelist•added 2024/10/17 5:19 p.m.•17 views

CVE-2024-49314 WordPress JiangQie Free Mini Program plugin <= 2.5.2 - Arbitrary File Upload vulnerability

10CVSS0.01096EPSS

Exploits0References1

Vulnrichment•added 2024/10/17 5:19 p.m.•13 views

CVE-2024-49314 WordPress JiangQie Free Mini Program plugin <= 2.5.2 - Arbitrary File Upload vulnerability

10CVSS5.2AI score0.01096EPSS

Exploits0References1

CVE•added 2024/10/17 5:19 p.m.•38 views

CVE-2024-49314

CVE-2024-49314 concerns the JiangQie Free Mini Program WordPress plugin (versions n/a through 2.5.2). Public docs describe an Unrestricted Upload of File with Dangerous Type vulnerability that allows unauthenticated arbitrary file uploads, enabling a potential web shell on the target web server. ...

10CVSS5.9AI score0.01096EPSS

Exploits0References1

CNNVD•added 2024/10/17 12:0 a.m.•1 views

WordPress plugin JiangQie Free Mini Program 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, WordPress is a blogging platform developed in PHP. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in the WordPress plugin...

10CVSS6.7AI score0.01096EPSS

Exploits0References2

Positive Technologies•added 2024/10/17 12:0 a.m.•2 views

PT-2024-33454 · Unknown · Jiangqie Free Mini Program

Name of the Vulnerable Software and Affected Versions: JiangQie Free Mini Program versions n/a through 2.5.2 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to significant security...

10CVSS7.1AI score0.01096EPSS

Exploits0References6

Patchstack•added 2024/10/15 12:58 p.m.•2 views

WordPress JiangQie Free Mini Program plugin <= 2.5.2 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin JiangQie Free Mini Program versions = 2.5.2...

10CVSS7AI score0.01096EPSS

Exploits0Affected Software1

Patchstack•added 2024/10/15 12:0 a.m.•10 views

WordPress JiangQie Free Mini Program Plugin <= 2.5.2 is vulnerable to Arbitrary File Upload

Software JiangQie Free Mini Program Type Plugin Vulnerable versions = 2.5.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-49314 Patch priority High CVSS severity High 10 Developer Claim ownership PSID be9e9805193d Credits stealthcopter Required privileg...

10CVSS6.9AI score0.01096EPSS

Exploits0References1Affected Software1

CNVD•added 2021/09/08 12:0 a.m.•4 views

WordPress SQL Injection Vulnerability (CNVD-2021-70740)

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress JiangQie versions prior to 1.1.1, which stems from...

8.8CVSS7.8AI score0.00582EPSS

Exploits2References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by