Lucene search
K

5 matches found

CNVD
CNVD
added 2025/12/16 12:0 a.m.2 views

WordPress List category posts SQL Injection Vulnerability

WordPress List category posts is a feature-rich WordPress plugin , mainly through the catlist short code to achieve the function . WordPress List category posts has a SQL injection vulnerability, the vulnerability stems from the existence of the startingwith parameter time-based SQL injection, an...

6.5CVSS8.1AI score0.00286EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/12 4:13 a.m.4 views

CVE-2025-10163

The List category posts plugin for WordPress is vulnerable to time-based SQL Injection via the ‘startingwith’ parameter of the catlist shortcode in all versions up to, and including, 0.91.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

6.5CVSS6.6AI score0.00286EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/11 3:27 a.m.8 views

EUVD-2025-202663

The List category posts plugin for WordPress is vulnerable to time-based SQL Injection via the ‘startingwith’ parameter of the catlist shortcode in all versions up to, and including, 0.91.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

6.5CVSS6.1AI score0.00286EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/11 3:27 a.m.7 views

CVE-2025-10163 List Category Posts <= 0.91.0 - Authenticated (Contributor+) SQL Injection via Plugin's Shortcode

The List category posts plugin for WordPress is vulnerable to time-based SQL Injection via the ‘startingwith’ parameter of the catlist shortcode in all versions up to, and including, 0.91.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

6.5CVSS6.2AI score0.00286EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.3 views

WordPress plugin List category posts SQL注入漏洞

WordPress List category posts is a feature-rich WordPress plugin , mainly through the catlist short code to achieve the function . WordPress List category posts has a SQL injection vulnerability, the vulnerability stems from the existence of the startingwith parameter time-based SQL injection, an...

6.5CVSS8AI score0.00286EPSS
Exploits0References2
Rows per page
Query Builder