CVE-2025-58788 WordPress License Manager for WooCommerce Plugin <= 3.0.12 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saad Iqbal License Manager for WooCommerce license-manager-for-woocommerce allows Blind SQL Injection.This issue affects License Manager for WooCommerce: from n/a through = 3.0.12...

CVE-2025-58788 WordPress License Manager for WooCommerce Plugin <= 3.0.12 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saad Iqbal License Manager for WooCommerce license-manager-for-woocommerce allows Blind SQL Injection.This issue affects License Manager for WooCommerce: from n/a through = 3.0.12...

WordPress License Manager for WooCommerce Plugin <= 3.0.12 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Que Thanh Tuan Blue Rock in WordPress Plugin License Manager for WooCommerce versions = 3.0.12...

CVE-2021-24244

An AJAX action registered by the WPBakery Page Builder Visual Composer Clipboard WordPress plugin before 4.5.8 did not have capability checks, allowing low privilege users, such as subscribers, to update the license options key, email...

CVE-2025-32522 WordPress License Manager for WooCommerce plugin <= 3.0.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPExperts.io License Manager for WooCommerce allows Reflected XSS. This issue affects License Manager for WooCommerce: from n/a through 3.0.9...

WordPress License Manager for WooCommerce plugin <= 3.0.9 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin License Manager for WooCommerce versions = 3.0.9...

WordPress License Manager for WooCommerce Plugin <= 3.0.6 is vulnerable to Sensitive Data Exposure

Software License Manager for WooCommerce Type Plugin Vulnerable versions = 3.0.6 Fixed in 3.0.7 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-1639 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 0b1e43ddb6ac Credits Lucio Sá...

Stealthy Malware Disguises Itself as a WordPress License Key

UPDATE A spam-injecting malware is targeting WordPress site owners by disguising itself as a legitimate license key for a WordPress design theme. According to analysis from Sucuri, a customer opened a malware removal ticket reporting “some weird spam URLs injected onto their WordPress website.”...