EUVD-2026-36857

Subscriber SQL Injection in WP Time Slots Booking Form = 1.2.50 versions...

CVE-2026-48874 WordPress GamiPress plugin <= 7.8.7 - SQL Injection vulnerability

Subscriber SQL Injection in GamiPress = 7.8.7 versions...

EUVD-2026-36841

Unauthenticated SQL Injection in Realtyna Organic IDX plugin = 5.1.0 versions...

CVE-2026-45439

CVE-2026-45439 is a reported unauthenticated SQL injection in the WordPress plugin “ Realtyna Organic IDX” (plugin version

CVE-2026-42665

Summary (CVE-2026-42665): Unauthenticated SQL Injection in the WordPress plugin “WP Data Access” (versions

CVE-2026-42665 WordPress WP Data Access plugin <= 5.5.70 - SQL Injection vulnerability

Unauthenticated SQL Injection in WP Data Access = 5.5.70 versions...

EUVD-2026-36815

Unauthenticated SQL Injection in GD Rating System = 3.6.2 versions...

CVE-2026-42639

CVE-2026-42639 concerns the WordPress plugin GD Rating System (versions

CVE-2026-42639 WordPress GD Rating System plugin <= 3.6.2 - SQL Injection vulnerability

Unauthenticated SQL Injection in GD Rating System = 3.6.2 versions...

CVE-2026-42386 WordPress Order Delivery Date for WooCommerce plugin <= 4.5.1 - SQL Injection vulnerability

Unauthenticated SQL Injection in Order Delivery Date for WooCommerce = 4.5.1 versions...

CVE-2026-42386 WordPress Order Delivery Date for WooCommerce plugin <= 4.5.1 - SQL Injection vulnerability

Unauthenticated SQL Injection in Order Delivery Date for WooCommerce = 4.5.1 versions...

EUVD-2026-36813

Unauthenticated SQL Injection in Order Delivery Date for WooCommerce = 4.5.1 versions...

CVE-2026-42381 WordPress Funnel Builder by FunnelKit plugin <= 3.15.0.1 - SQL Injection vulnerability

Unauthenticated SQL Injection in Funnel Builder by FunnelKit = 3.15.0.1 versions...

CVE-2026-40798

WPForo Forum plugin for WordPress &lt;= 3.0.4 is affected by an unauthenticated SQL injection vulnerability. The CVE entry cites unauthenticated SQL Injection in wpForo Forum &lt;= 3.0.4, with CVSSv3.1 base score 9.3 (CRITICAL) and impact TIC: Confidentiality High, Availability Low, no privileges...

EUVD-2026-36807

Unauthenticated SQL Injection in wpForo Forum = 3.0.4 versions...

CVE-2026-40771 WordPress Contest Gallery plugin <= 28.1.6 - SQL Injection vulnerability

Unauthenticated SQL Injection in Contest Gallery = 28.1.6 versions...

CVE-2026-40766

CVE-2026-40766 concerns the WordPress MasterStudy LMS plugin (versions

CVE-2026-40766 WordPress MasterStudy LMS plugin <= 3.7.25 - SQL Injection vulnerability

Subscriber SQL Injection in MasterStudy LMS = 3.7.25 versions...

CVE-2026-40762 WordPress WPGraphQL plugin < 2.11.1 - SQL Injection vulnerability

Unauthenticated SQL Injection in WPGraphQL 2.11.1 versions...

CVE-2026-40762

The WPGraphQL WordPress plugin is affected by an unauthenticated SQL Injection in versions earlier than 2.11.1. The issue originates in WPGraphQL