43 matches found
EUVD-2025-3407
Malicious code in bioql PyPI...
EUVD-2022-24869
Malicious code in bioql PyPI...
CVE-2022-1578
The My wpdb WordPress plugin before 2.5 is missing a CSRF check when running SQL queries, which could allow an attacker to make a logged-in admin run an arbitrary SQL query via a CSRF attack...
CVE-2025-23774
Insertion of Sensitive Information Into Sent Data vulnerability in Niket Joshi WPDB to Sql wpdb-to-sql allows Retrieve Embedded Sensitive Data. This issue affects WPDB to Sql: from n/a through <= 1.2...
CVE-2025-23774
Insertion of Sensitive Information Into Sent Data vulnerability in Niket Joshi WPDB to Sql wpdb-to-sql allows Retrieve Embedded Sensitive Data. This issue affects WPDB to Sql: from n/a through <= 1.2...
CVE-2025-23774
CVE-2025-23774 is described as an information-exposure flaw in the WordPress plugin WPDB to SQL (NotFound WPDB to Sql). Public text states it affects the plugin version range “from n/a through 1.2” and that the issue is an Insertion of Sensitive Information Into Sent Data vulnerability that allow...
CVE-2025-23774 WordPress WPDB to Sql plugin <= 1.2 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Niket Joshi WPDB to Sql wpdb-to-sql allows Retrieve Embedded Sensitive Data. This issue affects WPDB to Sql: from n/a through <= 1.2...
CVE-2024-12615
The Passwords Manager plugin for WordPress is vulnerable to SQL Injection via the $wpdb->prefix value in several AJAX actions in all versions up to, and including, 1.4.8 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. This...
CVE-2024-12613
The Passwords Manager plugin for WordPress is vulnerable to SQL Injection via the $wpdb->prefix value in several AJAX functions in all versions up to, and including, 1.4.8 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. This...
PT-2025-1912 · WordPress · Passwords Manager
Name of the Vulnerable Software and Affected Versions: Passwords Manager plugin for WordPress versions 1.4.8 and earlier. Description: The issue is related to SQL Injection via the $wpdb->prefix value in several AJAX functions due to insufficient escaping on the user-supplied parameter and lack of...
WordPress My wpdb plugin cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forger...
CVE-2022-1578
The My wpdb WordPress plugin before 2.5 is missing a CSRF check when running SQL queries, which could allow an attacker to make a logged-in admin run an arbitrary SQL query via a CSRF attack...
CVE-2022-1578 My wpdb < 2.5 - Arbitrary SQL Query via CSRF
The My wpdb WordPress plugin before 2.5 is missing a CSRF check when running SQL queries, which could allow an attacker to make a logged-in admin run an arbitrary SQL query via a CSRF attack...
WordPress plugin My wpdb cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forger...
CVE-2022-1578
The CVE concerns the WordPress plugin My wpdb (versions prior to 2.5) which lacks a CSRF check when executing SQL queries. The underlying issue enables a logged-in administrator to run arbitrary SQL via CSRF; impact is high (confidentiality, integrity, availability). Affected component: My wpdb p...
PT-2022-13977 · WordPress · Wpdb
Name of the Vulnerable Software and Affected Versions: My wpdb WordPress plugin versions prior to 2.5. Description: The issue is related to a missing CSRF check when running SQL queries, which could allow an attacker to make a logged-in admin run an arbitrary SQL query via a CSRF attack...
WordPress My wpdb plugin <= 2.4 - Arbitrary SQL Query via Cross-Site Request Forgery (CSRF) vulnerability
Arbitrary SQL Query via Cross-Site Request Forgery (CSRF) vulnerability discovered by Daniel Ruf in WordPress My wpdb plugin versions <= 2.4. Solution: Update the WordPress My wpdb plugin to the latest available version (at least 2.5)...
My wpdb < 2.5 - Arbitrary SQL Query via CSRF
The plugin is missing a CSRF check when running SQL queries, which could allow an attacker to make a logged-in admin run an arbitrary SQL query via a CSRF attack. document.getElementById("test").submit();...
My wpdb < 2.5 - Arbitrary SQL Query via CSRF
The plugin is missing a CSRF check when running SQL queries, which could allow an attacker to make a logged-in admin run an arbitrary SQL query via a CSRF attack. PoC...
Visitors Traffic Real Time Statistics < 1.13 - CSRF to Stored XSS/SQLi
A CSRF vulnerability in the plugin gives attackers the possibility to craft an AJAX request, which lets blog administrators alter plugin settings. Due to a lack of encoding for malicious data when displaying it in the admin backend, there is a Stored XSS. Also, as the user input coming from the...