CVE-2025-10187

The GSpeech TTS – WordPress Text To Speech Plugin plugin for WordPress is vulnerable to SQL Injection via the 'field' parameter in all versions up to, and including, 3.17.13 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

CVE-2025-10187 GSpeech TTS – WordPress Text To Speech Plugin <= 3.17.13 - Authenticated (Admin+) SQL injection

The GSpeech TTS – WordPress Text To Speech Plugin plugin for WordPress is vulnerable to SQL Injection via the 'field' parameter in all versions up to, and including, 3.17.13 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

nemo-curator (=0.5.1), neural-sync (>=0.1.0 <=0.1.2) +4 more potentially affected by CVE-2022-22821 via nemo-toolkit (>=0.10.1 <=1.5.1)

nemo-toolkit PYPI version =0.10.1, =0.1.0, =0.1.0, =0.0.1, =0.1.0.dev201117, =0.0.3, =0.0.4 Source cves: CVE-2022-22821 Source advisory: OSV:GHSA-RPX7-33J2-XX9X...

nemo-curator (=0.5.1), neural-sync (>=0.1.0 <=0.1.2) +4 more potentially affected by CVE-2022-22821 via nemo-toolkit (>=0.10.1 <=1.5.1)

nemo-toolkit PYPI version =0.10.1, =0.1.0, =0.1.0, =0.0.1, =0.1.0.dev201117, =0.0.3, =0.0.4 Source cves: CVE-2022-22821 Source advisory: OSV:GHSA-9HG3-HMMF-C3GR...

FBReader TTS+ Plugin - Exported components, External URLs, SD-card access vulnerabilities

HackApp vulnerability scanner discovered that application FBReader TTS+ Plugin published at the 'play' market has multiple vulnerabilities...