234097 matches found
Woo Inquiry <= 0.1 - SQL Injection
The Woo Inquiry plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 0.1 due to insufficient escaping on the user supplied parameter 'dbid' and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to...
TrueBooker <= 1.0.2 - SQL Injection
The TrueBooker Appointment Booking and Scheduler Plugin. plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 1.0.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...
Opti Marketing <= 2.0.9 - SQL Injection
The Opti Marketing plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to appe...
EUVD-2026-37631
Unauthenticated SQL Injection in JobSearch = 3.2.9 versions...
EUVD-2026-37644
Unauthenticated SQL Injection in WP eMember v10.9.4 versions...
EUVD-2026-37632
Unauthenticated SQL Injection in JetEngine = 3.8.10.1 versions...
EUVD-2026-37619
Unauthenticated SQL Injection in JetSearch = 3.5.17 versions...
EUVD-2026-37589
Unauthenticated SQL Injection in Blocksy Companion Pro 2.1.29 versions...
EUVD-2026-37655
Unauthenticated SQL Injection in Tutor LMS Pro = 3.9.6 versions...
EUVD-2026-37660
Unauthenticated SQL Injection in WPJobster = 6.3.5 versions...
EUVD-2026-37552
The JetEngine plugin for WordPress is vulnerable to SQL injection in all versions up to and including 3.8.10.1. The listingloadmore AJAX handler accepts a filteredquery parameter that is intentionally excluded from the HMAC query signature check to support front-end filter integration. However,...
EUVD-2025-210229
Subscriber SQL Injection in Events Schedule - WordPress Events Calendar Plugin = 2.7.2 versions...
WordPress Tutor LMS – eLearning and online course solution plugin <= 3.9.11 - Authenticated (Administrator+) SQL Injection vulnerability
Authenticated Administrator+ SQL Injection vulnerability discovered by s1kr10s - Nayrox in WordPress Plugin Tutor LMS versions = 3.9.11...
CVE-2026-35068
Dell PowerFlex Manager, versions Versions, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to information disclosure...
WordPress Advanced Order Export For WooCommerce plugin <= 4.0.10 - Authenticated (Shop Manager+) SQL Injection vulnerability
Authenticated Shop Manager+ SQL Injection vulnerability discovered by Yaswanth Reddy Sunkara in WordPress Plugin Advanced Order Export For WooCommerce versions = 4.0.10...
WordPress Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin <= 1.15.43 - Authenticated (Adminsitrator+) SQL Injection vulnerability
Authenticated Adminsitrator+ SQL Injection vulnerability discovered by Muhammad Arsalan Diponegoro tripoloski in WordPress Plugin Form Maker by 10Web versions = 1.15.43...
CVE-2026-54812
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in StylemixThemes Motors allows Blind SQL Injection. This issue affects Motors: from n/a through 1.4.109...
CVE-2026-35069
CVE-2026-35069 affects Dell PowerFlex Manager. The issue is an SQL injection caused by improper neutralization of special elements in SQL commands within the product’s components, allowing a low-privileged, adjacent-network attacker to potentially perform script injection. Impact described includ...
CVE-2026-35069
Dell PowerFlex Manager, versions Versions, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Script injection...
CVE-2026-35068
Dell PowerFlex Manager is affected by an SQL Injection vulnerability due to improper neutralization of special elements in SQL commands. The issue could allow a low-privileged attacker with adjacent network access to cause information disclosure. The available descriptions identify the vulnerabil...