Total
16096 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-30571 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in STEdb Corp. STEdb Forms allows SQL Injection. This issue affects STEdb Forms: from n/a through 1.0.4. | ||||
| CVE-2025-31551 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Salesmate.io Salesmate Add-On for Gravity Forms allows SQL Injection. This issue affects Salesmate Add-On for Gravity Forms: from n/a through 2.0.3. | ||||
| CVE-2024-56041 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes VibeBP allows SQL Injection.This issue affects VibeBP: from n/a before 1.9.9.5.1. | ||||
| CVE-2024-46542 | 1 Veritas | 1 Data Insight | 2025-07-13 | 6.5 Medium |
| Veritas / Arctera Data Insight before 7.1.1 allows Application Administrators to conduct SQL injection attacks. | ||||
| CVE-2025-30570 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AliRezaMohammadi دکمه، شبکه اجتماعی خرید allows SQL Injection. This issue affects دکمه، شبکه اجتماعی خرید: from n/a through 2.0.6. | ||||
| CVE-2025-46455 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in IndigoThemes WP HRM LITE allows SQL Injection. This issue affects WP HRM LITE: from n/a through 1.1. | ||||
| CVE-2024-54146 | 1 Cacti | 1 Cacti | 2025-07-13 | 7.6 High |
| Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the template function of host_templates.php using the graph_template parameter. This vulnerability is fixed in 1.2.29. | ||||
| CVE-2025-32127 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in onOffice GmbH onOffice for WP-Websites allows SQL Injection. This issue affects onOffice for WP-Websites: from n/a through 5.7. | ||||
| CVE-2025-30569 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jahertor WP Featured Entries allows SQL Injection. This issue affects WP Featured Entries: from n/a through 1.0. | ||||
| CVE-2024-55979 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Webriderz Wr Age Verification allows SQL Injection.This issue affects Wr Age Verification: from n/a through 2.0.0. | ||||
| CVE-2024-30489 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in loopus WP Cost Estimation & Payment Forms Builder.This issue affects WP Cost Estimation & Payment Forms Builder: from n/a through 10.1.75. | ||||
| CVE-2024-55973 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ryan Nystrom TSB Occasion Editor allows SQL Injection.This issue affects TSB Occasion Editor: from n/a through 1.2.1. | ||||
| CVE-2025-2010 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.5 High |
| The JobWP – Job Board, Job Listing, Career Page and Recruitment Plugin plugin for WordPress is vulnerable to SQL Injection via the 'jobwp_upload_resume' parameter in all versions up to, and including, 2.3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. | ||||
| CVE-2018-25106 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 6.3 Medium |
| A vulnerability, which was classified as critical, has been found in webuidesigning NebulaX Theme up to 5.0 on WordPress. This issue affects the function nebula_send_to_hubspot of the file libs/Legacy/Legacy.php. The manipulation leads to sql injection. The attack may be initiated remotely. The patch is named 41230a81db0f671c570c2644bc2f80565ca83c5a. It is recommended to apply a patch to fix this issue. | ||||
| CVE-2024-49655 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound ARPrice allows SQL Injection. This issue affects ARPrice: from n/a through 4.0.3. | ||||
| CVE-2024-6160 | 1 Jan Syski | 1 Megabip | 2025-07-13 | N/A |
| SQL Injection vulnerability in MegaBIP software allows attacker to disclose the contents of the database, obtain session cookies or modify the content of pages. This issue affects MegaBIP software versions through 5.12.1. | ||||
| CVE-2024-55974 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AMS Nexe Iberica Mimoos allows SQL Injection.This issue affects Mimoos: from n/a through 1.2. | ||||
| CVE-2024-55985 | 2 Wordpress, Ydesignservices | 2 Wordpress, Yds Support Ticket System | 2025-07-13 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ydesignservices YDS Support Ticket System allows SQL Injection.This issue affects YDS Support Ticket System: from n/a through 1.0. | ||||
| CVE-2025-22502 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mindvalley MindValley Super PageMash allows SQL Injection.This issue affects MindValley Super PageMash: from n/a through 1.1. | ||||
| CVE-2025-26908 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Gurmehub Kargo Entegratör allows SQL Injection. This issue affects Kargo Entegratör: from n/a through 1.1.14. | ||||