216531 matches found
CVE-2026-32516
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kamleshyadav Miraculous Core Plugin miraculouscore allows Blind SQL Injection.This issue affects Miraculous Core Plugin: from n/a through 2.1.2...
CVE-2026-32499 WordPress ChatBot plugin <= 7.7.9 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in QuantumCloud ChatBot chatbot allows Blind SQL Injection.This issue affects ChatBot: from n/a through = 7.7.9...
CVE-2026-32499 WordPress ChatBot plugin <= 7.7.9 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in QuantumCloud ChatBot chatbot allows Blind SQL Injection.This issue affects ChatBot: from n/a through = 7.7.9...
CVE-2026-27039
CVE-2026-27039 describes an SQL Injection vulnerability in the WooCommerce Amazon Affiliates plugin for WordPress (WooZone). The issue affects WooZone versions up to and including 14.0.31. The CVSS 3.1 vector is CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L with a base score of 8.5 (HIGH), indicat...
CVE-2026-25377 WordPress Addon Jobsearch Chat plugin <= 3.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in eyecix Addon Jobsearch Chat addon-jobsearch-chat allows SQL Injection.This issue affects Addon Jobsearch Chat: from n/a through = 3.0...
CVE-2026-25377 WordPress Addon Jobsearch Chat plugin <= 3.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in eyecix Addon Jobsearch Chat addon-jobsearch-chat allows SQL Injection.This issue affects Addon Jobsearch Chat: from n/a through = 3.0...
CVE-2026-25377
CVE-2026-25377 concerns the WordPress plugin Addon Jobsearch Chat (component: addon-jobsearch-chat) with versions n/a through 3.0. The vulnerability stems from improper neutralization of special elements in SQL commands, resulting in an SQL injection flaw. Impact details are limited in the provid...
CVE-2026-25371
CVE-2026-25371 affects Lumise Product Designer (Lumise) for WordPress, with an unauthenticated SQL injection vulnerability in Lumise Product Designer components. Public references indicate the issue is described as an Blind SQL Injection and affects Lumise versions before 2.0.9 (from n/a through ...
CVE-2026-25340
CVE-2026-25340 affects WordPress/NooTheme Jobmonster plugin/theme versions prior to 4.8.4. The issue is an SQL Injection (Blind) caused by improper neutralization of SQL commands, enabling an attacker to perform blind queries. Exposure is described as affecting Jobmonster from unspecified version...
CVE-2026-25340 WordPress Jobmonster theme < 4.8.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in NooTheme Jobmonster noo-jobmonster allows Blind SQL Injection.This issue affects Jobmonster: from n/a through 4.8.4...
CVE-2026-25007 WordPress ElementInvader Addons for Elementor plugin <= 1.4.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows Blind SQL Injection.This issue affects ElementInvader Addons for Elementor: from n/a through = 1.4.2...
CVE-2026-25007
ElementInvader Addons for Elementor (WordPress plugin) up to version 1.4.2 contains an SQL Injection vulnerability due to improper neutralization of special elements in SQL commands, allowing blind SQL injection. Affected versions are n/a through 1.4.2. The vulnerability is described consistently...
CVE-2026-24993 WordPress Advanced WooCommerce Product Sales Reporting plugin <= 4.1.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPFactory Advanced WooCommerce Product Sales Reporting webd-woocommerce-advanced-reporting-statistics allows Blind SQL Injection.This issue affects Advanced WooCommerce Product Sales Reporting: fro...
CVE-2026-24977 WordPress Organici Library plugin <= 2.1.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in NooTheme Organici Library noo-organici-library allows Blind SQL Injection.This issue affects Organici Library: from n/a through = 2.1.2...
CVE-2026-24977
The connected document confirms an authenticated SQL injection in Organici Library (noo-organici-library) up to version 2.1.2, caused by an input handling flaw that enables blind SQL injection with high impact on confidentiality and availability (per CVSS v3.1: 8.5). It also notes that this Organ...
CVE-2026-22484 WordPress Lisfinity Core plugin <= 1.5.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in pebas Lisfinity Core lisfinity-core allows SQL Injection.This issue affects Lisfinity Core: from n/a through = 1.5.0...
CVE-2024-58341 OpenCart Core 4.0.2.3 SQL Injection via search Parameter
OpenCart Core 4.0.2.3 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'search' parameter. Attackers can send GET requests to the product search endpoint with malicious 'search' values to extract sensitiv...
CVE-2024-58341
OpenCart Core 4.0.2.3 contains a SQL injection vulnerability in the product search endpoint, exploitable by unauthenticated attackers via the query parameter 'search'. Attackers can submit crafted GET requests to perform boolean-based blind or time-based blind SQL injection to extract sensitive d...
EUVD-2026-15415
A SQL Injection vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to retrieve, create, update and delete database via 'calls0messageids' parameter in '/supportboard/include/ajax.php' endpoint...
web-app-security-owasp-zap
๐ Web Application Security Testing with OWASP ZAP Author:...