13 matches found
EUVD-2005-1812
Malware in sbrugna...
EUVD-2023-23308
Malicious code in bioql PyPI...
EUVD-2024-51717
Malicious code in bioql PyPI...
CVE-2025-6348 Smart Slider 3 <= 3.5.1.28 - Authenticated (Administrator+) SQL Injection via `sliderid` Parameter
The Smart Slider 3 plugin for WordPress is vulnerable to time-based SQL Injection via the ‘sliderid’ parameter in all versions up to, and including, 3.5.1.28 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
CVE-2025-49870 WordPress Paid Member Subscriptions plugin <= 2.15.1 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Cozmoslabs Paid Member Subscriptions paid-member-subscriptions allows SQL Injection. This issue affects Paid Member Subscriptions: from n/a through <= 2.15.1...
CVE-2025-52832 WordPress NGG Smart Image Search plugin <= 3.4.1 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wpo-HR NGG Smart Image Search ngg-smart-image-search allows SQL Injection. This issue affects NGG Smart Image Search: from n/a through <= 3.4.1...
CVE-2025-30989 WordPress Libro de Reclamaciones y Quejas plugin <= 0.9 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Renzo Tejada Libro de Reclamaciones y Quejas libro-de-reclamaciones-y-quejas allows SQL Injection. This issue affects Libro de Reclamaciones y Quejas: from n/a through <= 0.9...
CVE-2017-18571
The search-everything plugin before 8.1.7 for WordPress has SQL injection related to WordPress 4.7.x, a different vulnerability than CVE-2014-2316...
CVE-2025-47538 WordPress Cart tracking for WooCommerce plugin <= 1.0.17 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wpdever Cart tracking for WooCommerce cart-tracking-for-woocommerce allows SQL Injection. This issue affects Cart tracking for WooCommerce: from n/a through <= 1.0.17...
CVE-2019-25223
The Team Circle Image Slider With Lightbox plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
CVE-2025-32685 WordPress WP Inquiries plugin <= 0.2.1 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aristo Rinjuang WP Inquiries wp-inquiries allows SQL Injection. This issue affects WP Inquiries: from n/a through <= 0.2.1...
CVE-2025-1264
The Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links plugin for WordPress is vulnerable to SQL Injection via the 'orderBy' parameter in all versions up to, and including, 1.2.3 due to insufficient escaping on the user supplied parameter and lack of sufficient...
Social-Share-Buttons v2.2.3 - SQL Injection
Title: Social-Share-Buttons v2.2.3 - SQL Injection Author: nu11secur1ty Date: 09.16.2022 Vendor: https://wordpress.org/ Software: https://downloads.wordpress.org/plugin/social-share-buttons-by-supsystic.2.2.3.zip Reference:...