Lucene search
K

147 matches found

NVD
NVD
added 6 days ago9 views

CVE-2026-6230

The Tainacan plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'geoquery' parameter in all versions up to and including 1.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

7.5CVSS0.00273EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-42215

The Tainacan plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'geoquery' parameter in all versions up to and including 1.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

7.5CVSS6AI score0.00273EPSS
Exploits0References2
Cvelist
Cvelist
added 6 days ago31 views

CVE-2026-6230 Tainacan <= 1.0.3 - Unauthenticated SQL Injection via 'geoquery' REST API Parameter

The Tainacan plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'geoquery' parameter in all versions up to and including 1.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

7.5CVSS0.00273EPSS
Exploits0References2
CVE
CVE
added 6 days ago12 views

CVE-2026-6230

The CVE-2026-6230 entry concerns the Tainacan WordPress plugin vulnerable to a time-based blind SQL Injection via the REST API parameter 'geoquery' in all versions up to 1.0.3. Root cause is insufficient escaping of the user-supplied parameter and inadequate preparation of the existing SQL query,...

7.5CVSS6AI score0.00273EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.11 views

CVE-2026-42740

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in tainacan Tainacan tainacan allows Blind SQL Injection.This issue affects Tainacan: from n/a through = 1.0.3...

9.3CVSS5.6AI score0.00236EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/28 7:21 a.m.12 views

WordPress Tainacan plugin <= 1.0.3 - SQL Injection vulnerability

SQL Injection vulnerability discovered by hhhai in WordPress Plugin Tainacan versions = 1.0.3...

9.3CVSS5.9AI score0.00236EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/05/27 11:16 a.m.14 views

CVE-2026-42740

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in tainacan Tainacan tainacan allows Blind SQL Injection.This issue affects Tainacan: from n/a through = 1.0.3...

9.3CVSS0.00236EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 9:49 a.m.35 views

CVE-2026-42740 WordPress Tainacan plugin <= 1.0.3 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in tainacan Tainacan tainacan allows Blind SQL Injection.This issue affects Tainacan: from n/a through = 1.0.3...

9.3CVSS0.00236EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 9:49 a.m.21 views

CVE-2026-42740

The connected sources confirm a SQL Injection vulnerability in the WordPress Tainacan plugin, affecting version range

9.3CVSS5.8AI score0.00236EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 9:49 a.m.9 views

CVE-2026-42740 WordPress Tainacan plugin <= 1.0.3 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in tainacan Tainacan tainacan allows Blind SQL Injection.This issue affects Tainacan: from n/a through = 1.0.3...

9.3CVSS5.8AI score0.00236EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 9:49 a.m.9 views

CVE-2026-42740

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in tainacan Tainacan tainacan allows Blind SQL Injection.This issue affects Tainacan: from n/a through = 1.0.3...

9.3CVSS5.8AI score0.00236EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/27 9:49 a.m.12 views

EUVD-2026-32192

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in tainacan Tainacan tainacan allows Blind SQL Injection.This issue affects Tainacan: from n/a through = 1.0.3...

9.3CVSS5.8AI score0.00236EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

WordPress plugin Tainacan SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

9.3CVSS5.9AI score0.00236EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.14 views

PT-2026-43652

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in tainacan Tainacan tainacan allows Blind SQL Injection.This issue affects Tainacan: from n/a through = 1.0.3...

9.3CVSS5.8AI score0.00236EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/12/31 12:0 a.m.6 views

WordPress Tainacan plugin <= 1.0.1 - Missing Authorization to Unauthenticated Arbitrary Metadata Section Creation vulnerability

Missing Authorization to Unauthenticated Arbitrary Metadata Section Creation vulnerability discovered by Deadbee - NA in WordPress Plugin Tainacan versions = 1.0.1...

5.3CVSS5.9AI score0.00301EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/22 2:35 a.m.4 views

CVE-2025-14043

The Tainacan plugin for WordPress is vulnerable to unauthorized metadata section creation due to missing authorization checks in all versions up to, and including, 1.0.1. This is due to the createitempermissionscheck function unconditionally returning true, which bypasses authentication and...

5.3CVSS6.3AI score0.00301EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/21 3:31 a.m.5 views

EUVD-2025-204652

The Tainacan plugin for WordPress is vulnerable to unauthorized metadata section creation due to missing authorization checks in all versions up to, and including, 1.0.1. This is due to the createitempermissionscheck function unconditionally returning true, which bypasses authentication and...

5.3CVSS5.8AI score0.00301EPSS
Exploits0References4
NVD
NVD
added 2025/12/21 3:15 a.m.5 views

CVE-2025-14043

The Tainacan plugin for WordPress is vulnerable to unauthorized metadata section creation due to missing authorization checks in all versions up to, and including, 1.0.1. This is due to the createitempermissionscheck function unconditionally returning true, which bypasses authentication and...

5.3CVSS0.00301EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/21 2:20 a.m.4 views

CVE-2025-14043 Tainacan <= 1.0.1 - Missing Authorization to Unauthenticated Arbitrary Metadata Section Creation

The Tainacan plugin for WordPress is vulnerable to unauthorized metadata section creation due to missing authorization checks in all versions up to, and including, 1.0.1. This is due to the createitempermissionscheck function unconditionally returning true, which bypasses authentication and...

5.3CVSS5.8AI score0.00301EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/21 2:20 a.m.17 views

CVE-2025-14043 Tainacan <= 1.0.1 - Missing Authorization to Unauthenticated Arbitrary Metadata Section Creation

The Tainacan plugin for WordPress is vulnerable to unauthorized metadata section creation due to missing authorization checks in all versions up to, and including, 1.0.1. This is due to the createitempermissionscheck function unconditionally returning true, which bypasses authentication and...

5.3CVSS0.00301EPSS
Exploits0References3
Rows per page
Query Builder