2 matches found
CVE-2026-8444
CVE-2026-8444 affects WordPress WP Review Slider Pro (get_results() without $wpdb->prepare(). This allows authenticated attackers with Subscriber-level access or higher to append additional SQL queries to existing queries and potentially extract sensitive database information. The provided met...
CVE-2021-4458
The Modern Events Calendar Lite plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter of the 'wpajaxmecloadsinglepage' AJAX action in all versions up to, and including, 6.3.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...