19 matches found
CVE-2026-32459
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in flycart UpsellWP checkout-upsell-and-order-bumps allows Blind SQL Injection.This issue affects UpsellWP: from n/a through = 2.2.4...
WordPress UpsellWP plugin <= 2.2.4 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin UpsellWP versions = 2.2.4...
EUVD-2026-12017
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in flycart UpsellWP checkout-upsell-and-order-bumps allows Blind SQL Injection.This issue affects UpsellWP: from n/a through = 2.2.4...
CVE-2026-32459
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in flycart UpsellWP checkout-upsell-and-order-bumps allows Blind SQL Injection.This issue affects UpsellWP: from n/a through = 2.2.4...
CVE-2026-32459 WordPress UpsellWP plugin <= 2.2.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in flycart UpsellWP checkout-upsell-and-order-bumps allows Blind SQL Injection.This issue affects UpsellWP: from n/a through = 2.2.4...
CVE-2026-32459 WordPress UpsellWP plugin <= 2.2.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in flycart UpsellWP checkout-upsell-and-order-bumps allows Blind SQL Injection.This issue affects UpsellWP: from n/a through = 2.2.4...
CVE-2026-32459
The CVE describes an SQL Injection vulnerability (blind) in the WordPress UpsellWP plugin (checkout-upsell-and-order-bumps) affecting versions up to 2.2.4. Root cause: improper neutralization of special elements used in SQL commands. Impact stated as Blind SQL Injection, but no exploitation detai...
CVE-2026-32459
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in flycart UpsellWP checkout-upsell-and-order-bumps allows Blind SQL Injection.This issue affects UpsellWP: from n/a through = 2.2.4...
PT-2026-25303
🟠 CVE-2026-32459 - High Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in flycart UpsellWP checkout-upsell-and-order-bumps allows Blind SQL Injection.This issue af... https://t.co/cgG00hiU3x https://t.co/E6pmdn1Kzn...
WordPress plugin UpsellWP SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2026-25419
Missing Authorization vulnerability in flycart UpsellWP checkout-upsell-and-order-bumps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UpsellWP: from n/a through = 2.2.5...
CVE-2026-25419
Missing Authorization vulnerability in flycart UpsellWP checkout-upsell-and-order-bumps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UpsellWP: from n/a through = 2.2.5...
CVE-2026-25419
Missing Authorization vulnerability in flycart UpsellWP checkout-upsell-and-order-bumps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UpsellWP: from n/a through = 2.2.3...
CVE-2026-25419 WordPress UpsellWP plugin <= 2.2.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in flycart UpsellWP checkout-upsell-and-order-bumps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UpsellWP: from n/a through = 2.2.3...
CVE-2026-25419 WordPress UpsellWP plugin <= 2.2.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in flycart UpsellWP checkout-upsell-and-order-bumps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UpsellWP: from n/a through = 2.2.5...
CVE-2026-25419
CVE-2026-25419 is a Missing Authorization vulnerability described as Broken Access Control in the UpsellWP plugin (checkout-upsell-and-order-bumps). Affected software: UpsellWP for WordPress, version range from n/a through 2.2.5 (per initial doc); Red Hat entry and PatchStack reference reiterate ...
PT-2026-20741
Missing Authorization vulnerability in flycart UpsellWP checkout-upsell-and-order-bumps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UpsellWP: from n/a through = 2.2.3...
WordPress plugin UpsellWP 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress UpsellWP plugin <= 2.2.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Rapid0nion in WordPress Plugin UpsellWP versions = 2.2.3...