337 matches found
Relevanssi <= 4.24.4 (Free) - Unauthenticated SQL Injection
The Relevanssi – A Better Search plugin for WordPress is vulnerable to time-based SQL Injection via the cats and tags query parameters in all versions up to, and including, 4.24.4 Free and = 2.27.4 Premium due to insufficient escaping on the user supplied parameter and lack of sufficient...
Ads Pro Plugin <= 4.88 - Unauthenticated SQL Injection
The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to SQL Injection via the 'aid' parameter in all versions up to, and including, 4.88 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQ...
Youzify < 1.2.0 - Unauthenticated SQLi
The Youzify WordPress plugin before 1.2.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection id: CVE-2022-1950 info: name: Youzify 1.2.0 - Unauthenticated SQLi author:...
WP Fastest Cache 1.2.2 - SQL Injection
The WP Fastest Cache WordPress plugin before 1.2.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users. id: CVE-2023-6063 info: name: WP Fastest Cache 1.2.2 - SQL Injection author: DhiyaneshDK...
Slider & Popup Builder by Depicter <= 3.6.1 - Unauthenticated SQL Injection
The Slider & Popup Builder by Depicter plugin for WordPress is vulnerable to generic SQL Injection via the ‘s' parameter in all versions up to, and including, 3.6.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.This makes ...
CVE-2026-56036
Unauthenticated SQL Injection in 워드프레스 결제 심플페이 = 5.5.6 versions...
CVE-2026-54825
Unauthenticated SQL Injection in wpDataTables = 7.4 versions...
EUVD-2026-39720
Unauthenticated SQL Injection in JetSmartFilters = 3.8.3 versions...
EUVD-2026-39674
Unauthenticated SQL Injection in Real Estate 7 = 3.5.9 versions...
CVE-2026-54849 WordPress Premmerce Wishlist for WooCommerce plugin <= 1.1.11 - SQL Injection vulnerability
Unauthenticated SQL Injection in Premmerce Wishlist for WooCommerce = 1.1.11 versions...
WordPress Tourfic – AI Powered Travel Booking, Hotel Booking & Car Rental WordPress Plugin plugin <= 2.22.7 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by PRISM in WordPress Plugin Tourfic versions = 2.22.7...
CVE-2017-20265 Joomla! Component Flip Wall 8.0 SQL Injection
Joomla! Component Flip Wall 8.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wallid parameter. Attackers can send GET requests to index.php with the option=comflipwall&task=click&wallid...
PT-2026-50937
Name of the Vulnerable Software and Affected Versions Joomla! Component Price Alert version 3.0.2 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries. By sending requests to the 'subscribeajax' view with crafted payloads in the product id parameter,...
CVE-2026-54419 PIAF-HMS multiple unauthenticated SQL injection vulnerabilities via mysql_query
claudiopizzillo PIAF-HMS PBX-In-A-Flash Hotel Management System; no released versions, latest commit 389d2633441b65ced1c104212cd62be2bfca21e5 contains multiple unauthenticated SQL injection vulnerabilities. The application has no authentication mechanism and passes user-supplied HTTP parameters...
EUVD-2026-37589
Unauthenticated SQL Injection in Blocksy Companion Pro 2.1.29 versions...
EUVD-2026-37660
Unauthenticated SQL Injection in WPJobster = 6.3.5 versions...
CVE-2026-54811
Unauthenticated SQL Injection in WP eMember v10.9.4 versions...
CVE-2026-49080
Unauthenticated SQL Injection in wpDataTables = 7.3.6 versions...
CVE-2026-49084
Unauthenticated SQL Injection in JetEngine 3.8.9.1 versions...
CVE-2026-49076
Unauthenticated SQL Injection in JetEngine = 3.8.9.1 versions...