216711 matches found
CVE-2026-32365 WordPress Collapsing Archives plugin <= 3.0.7 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in robfelty Collapsing Archives collapsing-archives allows Blind SQL Injection.This issue affects Collapsing Archives: from n/a through = 3.0.7...
CVE-2026-32365
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in robfelty Collapsing Archives collapsing-archives allows Blind SQL Injection.This issue affects Collapsing Archives: from n/a through = 3.0.7...
CVE-2026-32366
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in robfelty Collapsing Categories collapsing-categories allows Blind SQL Injection.This issue affects Collapsing Categories: from n/a through = 3.0.9...
CVE-2026-32366 WordPress Collapsing Categories plugin <= 3.0.9 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in robfelty Collapsing Categories collapsing-categories allows Blind SQL Injection.This issue affects Collapsing Categories: from n/a through = 3.0.9...
CVE-2026-32365
CVE-2026-32365 concerns the WordPress Collapsing Archives plugin, affected versions up to and including 3.0.7. The issue is an improper neutralization of special elements in an SQL command, enabling blind SQL injection via the collapsing-archives component. The vulnerability is described consiste...
CVE-2026-32366 WordPress Collapsing Categories plugin <= 3.0.9 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in robfelty Collapsing Categories collapsing-categories allows Blind SQL Injection.This issue affects Collapsing Categories: from n/a through = 3.0.9...
CVE-2026-32358 WordPress Booking Calendar plugin <= 10.14.15 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wpdevelop Booking Calendar booking allows Blind SQL Injection.This issue affects Booking Calendar: from n/a through = 10.14.15...
CVE-2026-31922
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ays Pro Fox LMS fox-lms allows Blind SQL Injection.This issue affects Fox LMS: from n/a through = 1.0.6.3...
CVE-2026-31922 WordPress Fox LMS plugin <= 1.0.6.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ays Pro Fox LMS fox-lms allows Blind SQL Injection.This issue affects Fox LMS: from n/a through = 1.0.6.3...
CVE-2026-31917
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs WP ERP erp allows SQL Injection.This issue affects WP ERP: from n/a through = 1.16.10...
CVE-2026-31917
The CVE concerns the WordPress WP ERP plugin by weDevs (ERP component) with versions up to 1.16.10 exposed to SQL Injection due to improper neutralization of user input. The issue affects WP ERP from unspecified earlier versions through 1.16.10. The provided documents do not specify exploit detai...
CVE-2026-31917 WordPress WP ERP plugin <= 1.16.10 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs WP ERP erp allows SQL Injection.This issue affects WP ERP: from n/a through = 1.16.10...
CVE-2026-22193 wpDiscuz before 7.6.47 - SQL Injection in getAllSubscriptions()
wpDiscuz before 7.6.47 contains an SQL injection vulnerability in the getAllSubscriptions function where string parameters lack proper quote escaping in SQL queries. Attackers can inject malicious SQL code through email, activationkey, subscriptiondate, and importedfrom parameters to manipulate...
CVE-2026-22193
wpDiscuz plugin (before version 7.6.47) contains an SQL injection in getAllSubscriptions caused by improper quote escaping for parameters email, activation_key, subscription_date, and imported_from. This allows altering queries and potentially exfiltrating sensitive data. CVSS metrics indicate hi...
PT-2026-25172
🟠 CVE-2026-31917 - High Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs WP ERP erp allows SQL Injection.This issue affects WP ERP: from n/a through = ... https://t.co/rmxKLdVO6O https://t.co/0W8qwfmY6K...
WordPress plugin Fox LMS SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress plugin Collapsing Archives SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
PT-2026-25362
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7 2, 6.2.0.0 through 6.2.0.5 1, and 6.2.1.0 through 6.2.1.1 1 are vulnerable to SQL injection. An administrative user could send specially crafted SQL statements, which could allow the attacker to view, add, modify, o...
PT-2026-25279
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in codepeople CP Contact Form with Paypal cp-contact-form-with-paypal allows Blind SQL Injection.This issue affects CP Contact Form with Paypal: from n/a through = 1.3.61...
PT-2026-25212
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in robfelty Collapsing Archives collapsing-archives allows Blind SQL Injection.This issue affects Collapsing Archives: from n/a through = 3.0.7...