CVE-2026-0557

The WP Data Access plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpdaapp' shortcode in all versions up to, and including, 5.5.63 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2026-0557

The WP Data Access plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpdaapp' shortcode in all versions up to, and including, 5.5.63 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

EUVD-2025-11294

Malicious code in bioql PyPI...

EUVD-2024-40187

Malicious code in bioql PyPI...

CVE-2024-43295

Cross-Site Request Forgery CSRF vulnerability in Passionate Programmers B.V. WP Data Access.This issue affects WP Data Access: from n/a through 5.5.7...

CVE-2023-1874

The WP Data Access plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.3.7. This is due to a lack of authorization checks on the multiplerolesupdate function. This makes it possible for authenticated attackers, with minimal permissions such as a...

CVE-2025-39582

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Passionate Programmer Peter WP Data Access wp-data-access allows DOM-Based XSS.This issue affects WP Data Access: from n/a through = 5.5.36...

CVE-2025-39582

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Passionate Programmer Peter WP Data Access wp-data-access allows DOM-Based XSS.This issue affects WP Data Access: from n/a through = 5.5.36...

CVE-2025-39582 WordPress WP Data Access plugin <= 5.5.36 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Passionate Programmer Peter WP Data Access wp-data-access allows DOM-Based XSS.This issue affects WP Data Access: from n/a through = 5.5.36...

CVE-2025-39582

CVE-2025-39582 is a DOM-based XSS vulnerability affecting the WordPress plugin WP Data Access (versions up to 5.5.36). The issue arises from improper input neutralization during web page generation, allowing an attacker to inject and execute scripts in the victim’s browser context. Connected sour...

CVE-2024-12428 WP Data Access – App, Table, Form and Chart Builder plugin <= 5.5.22 - Unauthenticated SQL Injection

The WP Data Access – App, Table, Form and Chart Builder plugin plugin for WordPress is vulnerable to SQL Injection via the 'orderuserlogindir' parameter in all versions up to, and including, 5.5.22 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...

CVE-2024-12428

CVE-2024-12428 concerns the WP Data Access – App, Table, Form and Chart Builder WordPress plugin. The vulnerability is an unauthenticated SQL Injection via the parameter order[user_login][dir], exploitable in all versions up to and including 5.5.22, caused by insufficient escaping of the user-sup...

Exploit for CVE-2023-1874

CVE-2023-1874 Disclaimer THIS SCRIPT IS DESIGNED FOR WHIT...

CVE-2024-43295

Cross-Site Request Forgery CSRF vulnerability in Passionate Programmers B.V. WP Data Access.This issue affects WP Data Access: from n/a through 5.5.7...

CVE-2024-43295

Cross-Site Request Forgery CSRF vulnerability in Passionate Programmers B.V. WP Data Access.This issue affects WP Data Access: from n/a through 5.5.7...

CVE-2024-43295

Cross-Site Request Forgery CSRF vulnerability in Passionate Programmers B.V. WP Data Access.This issue affects WP Data Access: from n/a through 5.5.7...

CVE-2024-43295 WordPress WP Data Access plugin <= 5.5.7 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Passionate Programmers B.V. WP Data Access.This issue affects WP Data Access: from n/a through 5.5.7...

CVE-2024-43295

CVE-2024-43295 is a CSRF vulnerability in the WP Data Access WordPress plugin (affecting WP Data Access

CVE-2023-1874

The WP Data Access plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.3.7. This is due to a lack of authorization checks on the multiplerolesupdate function. This makes it possible for authenticated attackers, with minimal permissions such as a...

CVE-2023-1874

The WP Data Access plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.3.7. This is due to a lack of authorization checks on the multiplerolesupdate function. This makes it possible for authenticated attackers, with minimal permissions such as a...