SpeakOut Email Petitions < 2.14.15.1 - SQL Injection

The SpeakOut! Email Petitions WordPress plugin before 2.14.15.1 does not sanitise and escape the id parameter before using it in a SQL statement via the dkspeakoutsendmail AJAX action, leading to an SQL Injection exploitable by unauthenticated users. id: CVE-2022-0846 info: name: SpeakOut Email...

WordPress SpeakOut! Email Petitions plugin <= 4.6.5 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin SpeakOut! Email Petitions versions = 4.6.5...

EUVD-2025-2709

Malicious code in bioql PyPI...

CVE-2025-22309

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RopeSwingHld SpeakOut! Email Petitions speakout allows DOM-Based XSS.This issue affects SpeakOut! Email Petitions: from n/a through = 4.4.2...

CVE-2025-22309

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RopeSwingHld SpeakOut! Email Petitions speakout allows DOM-Based XSS.This issue affects SpeakOut! Email Petitions: from n/a through = 4.4.2...

CVE-2025-22309

CVE-2025-22309 affects SpeakOut! Email Petitions (WordPress plugin). Initial description identifies a Cross-Site Scripting issue in SpeakOut! Email Petitions: DOM-Based XSS affecting versions up to 4.4.2. Wordfence Intelligence lists this as a Stored Cross-Site Scripting vulnerability for SpeakOu...

WordPress plugin SpeakOut! Email Petitions 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exist...

WordPress SpeakOut! Email Petitions plugin <= 4.4.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin SpeakOut! Email Petitions versions = 4.4.2...

VulnCheck KEV: CVE-2022-0846

The SpeakOut! Email Petitions WordPress plugin before 2.14.15.1 does not sanitise and escape the id parameter before using it in a SQL statement via the dkspeakoutsendmail AJAX action, leading to an SQL Injection exploitable by unauthenticated users...

WordPress SpeakOut! Email Petitions plugin SQL注入漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress SpeakOut! dkspeakoutsendmail AJAX operation is not cleaned up and escaped before the id parameter is used, an attacker can u...

CVE-2022-0846

The SpeakOut! Email Petitions WordPress plugin before 2.14.15.1 does not sanitise and escape the id parameter before using it in a SQL statement via the dkspeakoutsendmail AJAX action, leading to an SQL Injection exploitable by unauthenticated users...

CVE-2022-0846

The SpeakOut! Email Petitions WordPress plugin before 2.14.15.1 does not sanitise and escape the id parameter before using it in a SQL statement via the dkspeakoutsendmail AJAX action, leading to an SQL Injection exploitable by unauthenticated users...

Sql injection

The SpeakOut! Email Petitions WordPress plugin before 2.14.15.1 does not sanitise and escape the id parameter before using it in a SQL statement via the dkspeakoutsendmail AJAX action, leading to an SQL Injection exploitable by unauthenticated users...

CVE-2022-0846

CVE-2022-0846 affects the WordPress plugin SpeakOut! Email Petitions up to version 2.14.15.1. The vulnerability is due to improper sanitisation/escaping of the id parameter used in the SQL statement within the dk_speakout_sendmail AJAX action, allowing unauthenticated SQL injection. Exploitation ...

CVE-2022-0846 SpeakOut! Email Petitions < 2.14.15.1 - Unauthenticated SQLi

The SpeakOut! Email Petitions WordPress plugin before 2.14.15.1 does not sanitise and escape the id parameter before using it in a SQL statement via the dkspeakoutsendmail AJAX action, leading to an SQL Injection exploitable by unauthenticated users...

WordPress plugin SpeakOut! Email Petitions SQL注入漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress SpeakOut! dkspeakoutsendmail AJAX operation is not cleaned up and escaped before the id parameter is used, an attacker can u...

WordPress SpeakOut! Email Petitions plugin <= 2.14.14 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection SQLi vulnerability discovered by cydave in WordPress SpeakOut! Email Petitions plugin versions = 2.14.14. Solution Update the WordPress SpeakOut! Email Petitions plugin to the latest available version at least 2.14.15.1...

SpeakOut! Email Petitions < 2.13.3 - Reflected Cross-Site Scripting

The plugin does not escape its searchString parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting issue https://example.com/wp-admin/admin.php?page=dkspeakoutsignatures&action=search&searchString="alert/XSS/...

WordPress SpeakOut! Email Petitions plugin <= 2.13.1.1 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by WPScanTeam in WordPress SpeakOut! Email Petitions plugin versions = 2.13.1.1. Solution Update the WordPress SpeakOut! Email Petitions plugin to the latest available version at least 2.13.3...