16 matches found
CVE-2025-10730
The Wp tabber widget plugin for WordPress is vulnerable to SQL Injection via the 'wp-tabber-widget' shortcode in all versions up to, and including, 4.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...
CVE-2025-10730
The Wp tabber widget plugin for WordPress is vulnerable to SQL Injection via the 'wp-tabber-widget' shortcode in all versions up to, and including, 4.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...
CVE-2025-10730 Wp tabber widget <= 4.0 - Authenticated (Contributor+) SQL Injection
The Wp tabber widget plugin for WordPress is vulnerable to SQL Injection via the 'wp-tabber-widget' shortcode in all versions up to, and including, 4.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...
CVE-2025-10730 Wp tabber widget <= 4.0 - Authenticated (Contributor+) SQL Injection
The Wp tabber widget plugin for WordPress is vulnerable to SQL Injection via the 'wp-tabber-widget' shortcode in all versions up to, and including, 4.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...
EUVD-2025-34565
The Wp tabber widget plugin for WordPress is vulnerable to SQL Injection via the 'wp-tabber-widget' shortcode in all versions up to, and including, 4.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...
CVE-2025-10730
The CVE-2025-10730 entry concerns the WordPress plugin Wp tabber widget. Public details confirm an SQL Injection flaw in all versions up to 4.0 via the wp-tabber-widget shortcode, enabling authenticated attackers with Contributor-level access and above to append SQL statements to existing queries...
WordPress plugin Wp tabber widget SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A SQL injectio...
EUVD-2025-30729
Malicious code in bioql PyPI...
CVE-2025-53468
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in [email protected] Wp tabber widget wp-tabber-widget allows SQL Injection.This issue affects Wp tabber widget: from n/a through = 4.0...
WordPress Wp tabber widget Plugin <= 4.0 - SQL Injection Vulnerability
SQL Injection Vulnerability discovered by Peter Thaleikis in WordPress Plugin Wp tabber widget versions = 4.0...
CVE-2025-53468
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in [email protected] Wp tabber widget wp-tabber-widget allows SQL Injection.This issue affects Wp tabber widget: from n/a through = 4.0...
CVE-2025-53468 WordPress Wp tabber widget Plugin <= 4.0 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in [email protected] Wp tabber widget wp-tabber-widget allows SQL Injection.This issue affects Wp tabber widget: from n/a through = 4.0...
CVE-2025-53468 WordPress Wp tabber widget Plugin <= 4.0 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in [email protected] Wp tabber widget wp-tabber-widget allows SQL Injection.This issue affects Wp tabber widget: from n/a through = 4.0...
CVE-2025-53468
CVE-2025-53468 describes an SQL Injection in the WordPress plugin WP Tabber Widget (Wp tabber widget) affecting versions up to 4.0. The vulnerability is listed as authenticated (Contributor+) SQL Injection, with a CVSS 3.1 base metric of 8.5 (HIGH). Connected sources indicate patch status as Unpa...
WordPress plugin Wp tabber widget SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A SQL injectio...
PT-2025-39004
Name of the Vulnerable Software and Affected Versions Wp tabber widget versions through 4.0 Description The Wp tabber widget contains a flaw related to improper neutralization of special elements within SQL commands, leading to a potential SQL Injection issue. This could allow for unauthorized...