CVE-2025-68990

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in xenioushk BWL Pro Voting Manager bwl-pro-voting-manager allows Blind SQL Injection.This issue affects BWL Pro Voting Manager: from n/a through = 1.4.9...

CVE-2025-68992

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in xenioushk BWL Knowledge Base Manager bwl-kb-manager allows Stored XSS.This issue affects BWL Knowledge Base Manager: from n/a through = 1.6.3...

PT-2025-53881

Name of the Vulnerable Software and Affected Versions xenioushk BWL Knowledge Base Manager versions through 1.6.3 Description The software contains a flaw related to improper input handling during web page creation, which allows for Stored Cross-site Scripting XSS. This means that malicious scrip...

CVE-2024-32136

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Xenioushk BWL Advanced FAQ Manager.This issue affects BWL Advanced FAQ Manager: from n/a through 2.0.3...

CVE-2024-32136 WordPress BWL Advanced FAQ Manager plugin <= 2.0.3 - Auth. SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Xenioushk BWL Advanced FAQ Manager.This issue affects BWL Advanced FAQ Manager: from n/a through 2.0.3...

CVE-2024-32136

CVE-2024-32136 is an SQL Injection vulnerability in the BWL Advanced FAQ Manager plugin for WordPress (affected up to version 2.0.3). The issue allows a remote attacker to influence database queries via the plugin, with an exploitable path requiring network access and authenticated (administrator...