WordPress Event Manager plugin <= 7.0.3 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by mikemyers in WordPress Plugin Events Manager versions = 6.6.4.4...

WordPress Funnel Builder by FunnelKit plugin <= 3.10.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Tom Broucke Patchstack Alliance in WordPress Plugin Funnel Builder by FunnelKit versions = 3.10.2...

WordPress WP Pipes plugin <= 1.4.3 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by LVT-tholv2k in WordPress Plugin WP Pipes versions = 1.4.3...

WordPress GoZen Forms plugin <= 1.1.5 - Unauthenticated SQL Injection via dirGZActiveForm() vulnerability

Unauthenticated SQL Injection via dirGZActiveForm vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin GoZen Forms versions = 1.1.5...

WordPress Torod plugin <= 2.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Martino Spagnuolo r3verii in WordPress Plugin Torod versions = 2.1...

WordPress Pixelating image slideshow gallery plugin <= 8.0 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Peter Thaleikis in WordPress Plugin Pixelating image slideshow gallery versions = 8.0...

WordPress WPQuiz plugin <= 0.4.2 - Authenticated (Contributor+) SQL Injection vulnerability

Authenticated Contributor+ SQL Injection vulnerability discovered by Poli in WordPress Plugin WPQuiz versions = 0.4.2...

WordPress Hover Effects plugin <= 2.1.2 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Jamaal ahmed in WordPress Plugin Hover Effects versions = 2.1.2...

CVE-2025-53306

CVE-2025-53306 affects the lucidcrew WP Forum Server plugin (versions

WordPress Video List Manager plugin <= 1.7 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Chu The Anh Blue Rock in WordPress Plugin Video List Manager versions = 1.7...

WordPress inprosysmedia-likes-dislikes-post plugin SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress inprosysmedia-likes-dislikes-post plugin suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL...

WordPress Slim SEO plugin <= 4.5.4 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by ChuongVN in WordPress Plugin Slim SEO versions = 4.5.4...

WordPress Smart Notification Plugin <= 10.3 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Bonds in WordPress Plugin Smart Notification versions = 10.3...

WordPress WP Job Portal plugin <= 2.3.2 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by LVT-tholv2k in WordPress Plugin WP Job Portal versions = 2.3.2...

WordPress WP-Addpub plugin <= 1.2.8 - Authenticated (Contributor+) SQL Injection vulnerability

Authenticated Contributor+ SQL Injection vulnerability discovered by muhammad yudha in WordPress Plugin WP-Addpub versions = 1.2.8...

WordPress WP Post Corrector plugin <= 1.0.2 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Nguyen Ngoc Quang Bach maysbachs in WordPress Plugin WP Post Corrector versions = 1.0.2...

WordPress Store Locator WordPress plugin <= 1.5.1 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Nguyen Kim Sang in WordPress Plugin Store Locator WordPress versions = 1.5.1...

WordPress File Provider plugin <= 1.2.3 - Unauthenticated SQLi vulnerability

Unauthenticated SQLi vulnerability discovered by Nxploited Khaledalenazi in WordPress Plugin File Provider versions = 1.2.3...

CVE-2025-4578

CVE-2025-4578 affects the WordPress File Provider plugin (

WordPress MyStyle Custom Product Designer plugin <= 3.21.1 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by astra.r3verii in WordPress Plugin MyStyle Custom Product Designer versions = 3.21.1...