22 matches found
WordPress onOffice for WP-Websites plugin SQL Injection Vulnerability
WordPress onOffice for WP-Websites plugin is a WordPress plugin developed by onOfficeGmbH that is mainly used to integrate listings, addresses or forms from real estate management software such as onOffice into a WordPress website, supports shortcode flexible design and allows for Generate...
CVE-2025-10045
The onOffice for WP-Websites plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in all versions up to, and including, 6.5.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible f...
CVE-2025-10045 onOffice for WP-Websites <= 6.5.1 - Authenticated (Editor+) SQL Injection
The onOffice for WP-Websites plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in all versions up to, and including, 6.5.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible f...
CVE-2025-10045 onOffice for WP-Websites <= 5.7 - Authenticated (Editor+) SQL Injection
The onOffice for WP-Websites plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in all versions up to, and including, 5.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
EUVD-2025-34566
The onOffice for WP-Websites plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in all versions up to, and including, 5.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
WordPress onOffice for WP-Websites plugin <= 6.5.1 - SQL Injection vulnerability
SQL Injection vulnerability discovered by dutafi in WordPress Plugin onOffice for WP-Websites versions = 6.5.1...
WordPress plugin onOffice for WP-Websites SQL注入漏洞
WordPress onOffice for WP-Websites plugin is a WordPress plugin developed by onOfficeGmbH that is mainly used to integrate listings, addresses or forms from real estate management software such as onOffice into a WordPress website, supports shortcode flexible design and allows for Generate...
EUVD-2025-17223
Malicious code in bioql PyPI...
EUVD-2025-9886
Malicious code in bioql PyPI...
CVE-2025-30958
Missing Authorization vulnerability in onOffice GmbH onOffice for WP-Websites onoffice-for-wp-websites allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects onOffice for WP-Websites: from n/a through = 6.5.1...
CVE-2025-30958
Missing Authorization vulnerability in onOffice GmbH onOffice for WP-Websites onoffice-for-wp-websites allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects onOffice for WP-Websites: from n/a through = 6.5.1...
CVE-2025-30958
Missing Authorization vulnerability in onOffice GmbH onOffice for WP-Websites onoffice-for-wp-websites allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects onOffice for WP-Websites: from n/a through = 6.5.1...
CVE-2025-30958 WordPress onOffice for WP-Websites plugin <= 6.5.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in onOffice GmbH onOffice for WP-Websites onoffice-for-wp-websites allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects onOffice for WP-Websites: from n/a through = 6.5.1...
CVE-2025-30958
CVE-2025-30958 concerns a Missing Authorization vulnerability in the WordPress plugin onOffice for WP-Websites , causing broken access control due to incorrectly configured access control security levels. Affected versions are listed as n/a through 5.7 (per CVE/NVD/Red Hat), with the issue enabli...
CVE-2025-30958 WordPress onOffice for WP-Websites plugin <= 6.5.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in onOffice GmbH onOffice for WP-Websites onoffice-for-wp-websites allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects onOffice for WP-Websites: from n/a through = 6.5.1...
WordPress plugin onOffice for WP-Websites 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
CVE-2025-32127
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in onOffice GmbH onOffice for WP-Websites onoffice-for-wp-websites allows SQL Injection.This issue affects onOffice for WP-Websites: from n/a through = 5.7...
CVE-2025-32127
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in onOffice GmbH onOffice for WP-Websites onoffice-for-wp-websites allows SQL Injection.This issue affects onOffice for WP-Websites: from n/a through = 5.7...
CVE-2025-32127
CVE-2025-32127 concerns an SQL Injection in onOffice for WP-Websites (WordPress plugin) where improper neutralization of special elements in SQL commands is reported. Affected version range is onOffice for WP-Websites: from n/a through 5.7. The provided material cites a base score of 7.6 (HIGH) w...
CVE-2025-32127 WordPress onOffice for WP-Websites plugin <= 5.7 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in onOffice GmbH onOffice for WP-Websites onoffice-for-wp-websites allows SQL Injection.This issue affects onOffice for WP-Websites: from n/a through = 5.7...