CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

WordPress GeoDirectory – WP Business Directory Plugin and Classified Listings Directory plugin <= 2.8.97 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by mikemyers in WordPress Plugin GeoDirectory versions = 2.8.97...

7.5CVSS8AI score0.00344EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/07/24 12:30 p.m.•5 views

WordPress ProfileGrid plugin <= 5.9.5.3 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin ProfileGrid versions = 5.9.5.3...

8.5CVSS5.7AI score0.00063EPSS

Exploits0Affected Software1

Patchstack•added 2025/07/22 11:32 a.m.•6 views

WordPress WP Links Page plugin <= 4.9.6 - SQL Injection vulnerability

SQL Injection vulnerability discovered by timomangcut in WordPress Plugin WP Links Page versions = 4.9.6...

8.5CVSS5.7AI score0.00063EPSS

Exploits0Affected Software1

Patchstack•added 2025/07/16 12:19 p.m.•4 views

WordPress YayExtra plugin <= 1.5.5 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Lê Quốc Bảo in WordPress Plugin YayExtra versions = 1.5.5...

7.6CVSS7.7AI score0.00213EPSS

Exploits0Affected Software1

Patchstack•added 2025/07/16 11:44 a.m.•7 views

WordPress Custom API for WP <= 4.2.2 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Hiro Code016Hiro in WordPress Plugin Custom API for WP versions = 4.2.2...

9.3CVSS7.7AI score0.00059EPSS

Exploits0Affected Software1

Cvelist•added 2025/07/16 11:27 a.m.•7 views

CVE-2025-52819 WordPress Pakke Envíos plugin <= 1.0.2 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in pakkemx Pakke Envíos pakke allows SQL Injection.This issue affects Pakke Envíos: from n/a through = 1.0.2...

8.5CVSS0.00179EPSS

Exploits0References1

Vulnrichment•added 2025/07/16 10:36 a.m.•4 views

CVE-2025-54043 WordPress SMTP for Amazon SES plugin <= 1.9 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in YayCommerce SMTP for Amazon SES smtp-amazon-ses allows SQL Injection.This issue affects SMTP for Amazon SES: from n/a through = 1.9...

7.6CVSS5.9AI score0.00213EPSS

Exploits0References1

Patchstack•added 2025/07/11 8:24 a.m.•5 views

WordPress WordPress-WPJobBoard <= 25.07010000-WP6.8.1-JB5.11.5 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by timomangcut in WordPress Plugin WordPress-WPJobBoard versions = 25.07010000-WP6.8.1-JB5.11.5...

9.8CVSS9.2AI score0.00232EPSS

Exploits0Affected Software1

Patchstack•added 2025/07/11 8:4 a.m.•5 views

WordPress URL Shortener <= 3.0.7 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by ch4r0n in WordPress Plugin URL Shortener versions = 3.0.7...

9.3CVSS7.8AI score0.00232EPSS

Exploits0Affected Software1

Patchstack•added 2025/07/11 7:18 a.m.•5 views

WordPress WP-BusinessDirectory <= 3.1.5 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Martino Spagnuolo r3verii in WordPress Plugin WP-BusinessDirectory versions = 3.1.4...

9.3CVSS5.9AI score0.00232EPSS

Exploits0Affected Software1

Patchstack•added 2025/07/10 12:12 p.m.•5 views

WordPress ProfileGrid plugin <= 5.9.5.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin ProfileGrid versions = 5.9.5.2...

8.5CVSS5.7AI score0.00179EPSS

Exploits0Affected Software1

Patchstack•added 2025/07/09 9:15 p.m.•4 views

WordPress Short URL plugin <= 1.6.8 - Subscriber+ SQLi vulnerability

Subscriber+ SQLi vulnerability discovered by Dao Xuan Hieu in WordPress Plugin Short URL versions = 1.6.8...

8.8CVSS6.8AI score0.00252EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by