CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-11966

Malware in sbrugna...

8.8CVSS8.6AI score0.00889EPSS

Exploits2References2

OSV•added 2022/01/10 4:15 p.m.•2 views

CVE-2021-25054

The WPcalc WordPress plugin through 2.1 does not sanitize user input into the 'did' parameter and uses it in a SQL statement, leading to an authenticated SQL Injection vulnerability...

8.8CVSS7.4AI score

Exploits0References1

NVD•added 2022/01/10 4:15 p.m.•12 views

CVE-2021-25054

The WPcalc WordPress plugin through 2.1 does not sanitize user input into the 'did' parameter and uses it in a SQL statement, leading to an authenticated SQL Injection vulnerability...

8.8CVSS0.00889EPSS

Exploits2References1

Prion•added 2022/01/10 4:15 p.m.•8 views

Sql injection

The WPcalc WordPress plugin through 2.1 does not sanitize user input into the 'did' parameter and uses it in a SQL statement, leading to an authenticated SQL Injection vulnerability...

6.5CVSS8.8AI score0.00889EPSS

Exploits2References1Affected Software1

CVE•added 2022/01/10 3:30 p.m.•37 views

CVE-2021-25054

CVE-2021-25054 affects the WPcalc WordPress plugin (versions up to 2.1). The vulnerability is an authenticated SQL injection caused by lack of sanitization of the did parameter, which is used directly in an SQL statement. Impact is authenticated access to execute SQL commands and potentially acce...

8.8CVSS8.9AI score0.00889EPSS

Exploits2References1Affected Software1

Cvelist•added 2022/01/10 3:30 p.m.•9 views

CVE-2021-25054 WPcalc <= 2.1 - Authenticated SQL Injection

The WPcalc WordPress plugin through 2.1 does not sanitize user input into the 'did' parameter and uses it in a SQL statement, leading to an authenticated SQL Injection vulnerability...

9.1AI score0.00889EPSS

Exploits2References1

CNNVD•added 2022/01/10 12:0 a.m.•4 views

WordPress plugin SQL注入漏洞

WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers.The WordPress WPcalc plugin in version 2.1 and earlier is vulnerable to SQL injection, which stems from the plugin'...

8.8CVSS6AI score0.00889EPSS

Exploits2References2

wpexploit•added 2021/12/06 12:0 a.m.•69 views

WPcalc <= 2.1 - Authenticated SQL Injection

The plugin does not sanitize user input into the 'did' parameter and uses it in a SQL statement, leading to an authenticated SQL Injection vulnerability. Plugin author closed the plugin. http://www.example.com/wp-admin/admin.php?page=wpcalc&info=del&did=1 AND SELECT 7156 FROM SELECTSLEEP5MIkl or,...

8.8CVSS1.3AI score0.00889EPSS

Exploits2

WPVulnDB•added 2021/12/06 12:0 a.m.•16 views

WPcalc <= 2.1 - Authenticated SQL Injection

The plugin does not sanitize user input into the 'did' parameter and uses it in a SQL statement, leading to an authenticated SQL Injection vulnerability. Plugin author closed the plugin. PoC http://www.example.com/wp-admin/admin.php?page=wpcalc=del=1 AND SELECT 7156 FROM SELECTSLEEP5MIkl or, usin...

8.8CVSS0.5AI score0.00889EPSS

Exploits2Affected Software1

Patchstack•added 2021/12/06 12:0 a.m.•14 views

WordPress WPcalc plugin <= 2.1 - Authenticated SQL Injection (SQLi) vulnerability

Authenticated SQL Injection SQLi vulnerability discovered by 0xdecafbad in WordPress WPcalc plugin versions = 2.1. Solution Deactivate and delete. This plugin has been closed as of December 9, 2021 and is not available for download. This closure is permanent...

8.8CVSS3.3AI score0.00889EPSS

Exploits2References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by