CVE-2025-5487 AutomatorWP <= 5.2.5 - Authenticated (Administrator+) SQL Injection via field_conditions

The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the fieldconditions parameter in all versions up to, and including, 5.2.3 due to insufficient escaping on the user supplied...

CVE-2020-21121

Pligg CMS 2.0.2 contains a time-based SQL injection vulnerability via the $recordIDValue parameter in the adminupdatemodulewidgets.php file...

PHP Melody 2.7.3 - Multiple Vulnerabilities

PHP Melody 2.7.3 - Multiple Vulnerabilities Vulnerabilities Summary The following advisory describes three 3 vulnerabilities found in PHP Melody version 2.7.3. PHP Melody is a “self-hosted Video CMS which evolved over the last 9 years. SEO optimization, unbeaten security and speed are advantages...

GLPI 0.90.2 SQL Injection

Advisory ID: HTB23301 Product: GLPI Vendor: INDEPNET Vulnerable Versions: 0.90.2 and probably prior Tested Version: 0.90.2 Advisory Publication: April 8, 2016 without technical details Vendor Notification: April 8, 2016 Vendor Patch: April 11, 2016 Public Disclosure: April 29, 2016 Vulnerability...