WordPress WPSmartContracts <1.3.12 - SQL Injection

WordPress WPSmartContracts plugin before 1.3.12 contains a SQL injection vulnerability. The plugin does not properly sanitize and escape a parameter before using it in a SQL statement. An attacker with a role as low as author can possibly obtain sensitive information, modify data, and/or execute...

EUVD-2025-10778

Malicious code in bioql PyPI...

CVE-2022-3768

The WPSmartContracts WordPress plugin before 1.3.12 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as author...

CVE-2025-31565

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Lisandro Martinez WPSmartContracts wp-smart-contracts allows Blind SQL Injection.This issue affects WPSmartContracts: from n/a through = 2.0.12...

CVE-2025-31565

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Lisandro Martinez WPSmartContracts wp-smart-contracts allows Blind SQL Injection.This issue affects WPSmartContracts: from n/a through = 2.0.12...

CVE-2025-31565

CVE-2025-31565: Unauthenticated SQL Injection in WPSmartContracts. Affected product: WPSmartContracts (version range 0? through 2.0.10; exact earlier versions not specified). Root cause: Improper neutralization of input elements used in SQL commands. Impact indicated as High confidentiality impac...

CVE-2025-31565 WordPress WPSmartContracts plugin <= 2.0.12 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Lisandro Martinez WPSmartContracts wp-smart-contracts allows Blind SQL Injection.This issue affects WPSmartContracts: from n/a through = 2.0.12...

CVE-2025-31565 WordPress WPSmartContracts plugin <= 2.0.12 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Lisandro Martinez WPSmartContracts wp-smart-contracts allows Blind SQL Injection.This issue affects WPSmartContracts: from n/a through = 2.0.12...

WordPress plugin WPSmartContracts SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin...

PT-2025-16048 · Unknown · Wpsmartcontracts

Name of the Vulnerable Software and Affected Versions: WPSmartContracts versions prior to 2.0.10 Description: The issue is related to an improper neutralization of special elements used in an SQL command, allowing Blind SQL Injection. This enables an attacker to inject malicious SQL code,...

WordPress WPSmartContracts plugin SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

CVE-2022-3768

The WPSmartContracts WordPress plugin before 1.3.12 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as author...

CVE-2022-3768

The WPSmartContracts WordPress plugin before 1.3.12 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as author...

CVE-2022-3768 WPSmartContracts < 1.3.12 - Author+ SQLi

The WPSmartContracts WordPress plugin before 1.3.12 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as author...

CVE-2022-3768 WPSmartContracts < 1.3.12 - Author+ SQLi

The WPSmartContracts WordPress plugin before 1.3.12 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as author...

CVE-2022-3768

The CVE concerns the WordPress WPSmartContracts plugin before 1.3.12, which contains a SQL injection due to improper sanitisation/escaping of a parameter used in a SQL statement. An attacker with a low-privilege role (as low as author) can potentially obtain sensitive data, modify data, and perfo...

WordPress plugin WPSmartContracts SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

PT-2022-24039 · WordPress · Wpsmartcontracts

Name of the Vulnerable Software and Affected Versions: WPSmartContracts WordPress plugin versions prior to 1.3.12 Description: The issue arises from the plugin's failure to properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection. This can be exploit...

WPSmartContracts < 1.3.12 - Author+ SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as author Logon as an author and open the following URL, which will result in a delayed response...

WordPress WPSmartContracts plugin <= 1.3.11 - Auth. SQL Injection (SQLi) vulnerability

Auth. SQL Injection SQLi vulnerability discovered by Kunal Sharma University of Kaiserslautern and Daniel Krohmer Fraunhofer IESE in the WordPress WPSmartContracts plugin versions = 1.3.11 Solution Update the WordPress WPSmartContracts plugin to the latest available version at least 1.3.12...