Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-20256 |
|
SQL Injection in sqli (CVE-2017-20256)
SQL injection in sqli (CVE-2017-20256). Confidential information can be exposed externally.
|
| CVE-2017-20253 |
|
SQL Injection in sqli (CVE-2017-20253)
SQL injection in sqli (CVE-2017-20253). Confidential information can be exposed externally.
|
| CVE-2017-20252 |
|
SQL Injection in sqli (CVE-2017-20252)
SQL injection in sqli (CVE-2017-20252). Confidential information can be exposed externally.
|
| CVE-2017-20255 |
|
SQL Injection in sqli (CVE-2017-20255)
SQL injection in sqli (CVE-2017-20255). Confidential information can be exposed externally.
|
| CVE-2017-20254 |
|
SQL Injection in sqli (CVE-2017-20254)
SQL injection in sqli (CVE-2017-20254). Confidential information can be exposed externally.
|
| CVE-2017-20258 |
|
SQL Injection in sqli (CVE-2017-20258)
SQL injection in sqli (CVE-2017-20258). Confidential information can be exposed externally.
|
| CVE-2026-12050 |
|
SQL Injection in sqli (CVE-2026-12050)
SQL injection in sqli (CVE-2026-12050). Risk of unauthorized operations or information disclosure. Exploitable via `POST /browser/server/restore_point/{gid}/{sid}`.
|
| CVE-2026-12044 |
|
SQL Injection in sqli (CVE-2026-12044)
SQL injection in sqli (CVE-2026-12044). Successful exploitation can lead to full system takeover. Exploitable via ``qtLiteral``.
|
| CVE-2026-56012 |
|
SQL Injection in sqli (CVE-2026-56012)
SQL injection in sqli (CVE-2026-56012). Confidential information can be exposed externally.
|
| CVE-2026-54419 |
|
SQL Injection in sqli (CVE-2026-54419)
SQL injection in sqli (CVE-2026-54419). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40455 |
|
SQL Injection in sqli (CVE-2026-40455)
SQL injection in sqli (CVE-2026-40455). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54222 |
|
SQL Injection in sqli (CVE-2026-54222)
SQL injection in sqli (CVE-2026-54222). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55740 |
|
SQL Injection in sqli (CVE-2026-55740)
SQL injection in sqli (CVE-2026-55740). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11360 |
|
SQL Injection in wordpress (CVE-2026-11360)
SQL injection in wordpress (CVE-2026-11360). Confidential information can be exposed externally.
|
| CVE-2026-11777 |
|
SQL Injection in wordpress (CVE-2026-11777)
SQL injection in wordpress (CVE-2026-11777). Confidential information can be exposed externally.
|
| CVE-2026-11776 |
|
SQL Injection in wordpress (CVE-2026-11776)
SQL injection in wordpress (CVE-2026-11776). Confidential information can be exposed externally.
|
| CVE-2026-10736 |
|
SQL Injection in wordpress (CVE-2026-10736)
SQL injection in wordpress (CVE-2026-10736). Confidential information can be exposed externally.
|
| CVE-2026-35068 |
|
SQL Injection in sqli (CVE-2026-35068)
SQL injection in sqli (CVE-2026-35068). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-35069 |
|
SQL Injection in sqli (CVE-2026-35069)
SQL injection in sqli (CVE-2026-35069). Confidential information can be exposed externally.
|
| CVE-2026-54812 |
|
SQL Injection in sqli (CVE-2026-54812)
SQL injection in sqli (CVE-2026-54812). Confidential information can be exposed externally.
|
| CVE-2026-54818 |
|
SQL Injection in sqli (CVE-2026-54818)
SQL injection in sqli (CVE-2026-54818). Confidential information can be exposed externally.
|
| CVE-2026-54819 |
|
SQL Injection in sqli (CVE-2026-54819)
SQL injection in sqli (CVE-2026-54819). Confidential information can be exposed externally.
|
| CVE-2026-54809 |
|
SQL Injection in sqli (CVE-2026-54809)
SQL injection in sqli (CVE-2026-54809). Confidential information can be exposed externally.
|
| CVE-2026-54808 |
|
SQL Injection in sqli (CVE-2026-54808)
SQL injection in sqli (CVE-2026-54808). Confidential information can be exposed externally.
|
| CVE-2026-54813 |
|
SQL Injection in sqli (CVE-2026-54813)
SQL injection in sqli (CVE-2026-54813). Confidential information can be exposed externally.
|
| CVE-2026-54815 |
|
SQL Injection in c (CVE-2026-54815)
SQL injection in c (CVE-2026-54815). Confidential information can be exposed externally.
|
| CVE-2025-59554 |
|
Unauthenticated SQL Injection in Advanced Ads – Tracking < 3.0.7 versions.
Unauthenticated SQL Injection in Advanced Ads – Tracking < 3.0.7 versions.
|
| CVE-2026-54811 |
|
Unauthenticated SQL Injection in WP eMember < v10.9.4 versions.
Unauthenticated SQL Injection in WP eMember < v10.9.4 versions.
|
| CVE-2026-54185 |
|
Subscriber SQL Injection in Cornerstone < 7.8.8 versions.
Subscriber SQL Injection in Cornerstone < 7.8.8 versions.
|
| CVE-2026-54186 |
|
Unauthenticated SQL Injection in JobSearch <= 3.2.9 versions.
Unauthenticated SQL Injection in JobSearch <= 3.2.9 versions.
|
| CVE-2026-54187 |
|
Unauthenticated SQL Injection in JetEngine <= 3.8.10.1 versions.
Unauthenticated SQL Injection in JetEngine <= 3.8.10.1 versions.
|
| CVE-2026-49084 |
|
Unauthenticated SQL Injection in JetEngine < 3.8.9.1 versions.
Unauthenticated SQL Injection in JetEngine < 3.8.9.1 versions.
|
| CVE-2026-49080 |
|
Unauthenticated SQL Injection in wpDataTables <= 7.3.6 versions.
Unauthenticated SQL Injection in wpDataTables <= 7.3.6 versions.
|
| CVE-2026-48967 |
|
Subscriber SQL Injection in Geo Mashup <= 1.13.19 versions.
Subscriber SQL Injection in Geo Mashup <= 1.13.19 versions.
|
| CVE-2026-49079 |
|
Unauthenticated SQL Injection in JetSearch <= 3.5.17 versions.
Unauthenticated SQL Injection in JetSearch <= 3.5.17 versions.
|
| CVE-2026-49073 |
|
SQL Injection in sqli (CVE-2026-49073)
SQL injection in sqli (CVE-2026-49073). Confidential information can be exposed externally.
|
| CVE-2026-49076 |
|
Unauthenticated SQL Injection in JetEngine <= 3.8.9.1 versions.
Unauthenticated SQL Injection in JetEngine <= 3.8.9.1 versions.
|
| CVE-2026-48875 |
|
Unauthenticated SQL Injection in JetSmartFilters <= 3.8.1 versions.
Unauthenticated SQL Injection in JetSmartFilters <= 3.8.1 versions.
|
| CVE-2026-39596 |
|
Unauthenticated SQL Injection in Blocksy Companion Pro < 2.1.29 versions.
Unauthenticated SQL Injection in Blocksy Companion Pro < 2.1.29 versions.
|
| CVE-2026-28576 |
|
SQL Injection in sqli (CVE-2026-28576)
SQL injection in sqli (CVE-2026-28576). Confidential information can be exposed externally.
|
| CVE-2026-39438 |
|
Unauthenticated SQL Injection in ListingPro <= 2.9.10 versions.
Unauthenticated SQL Injection in ListingPro <= 2.9.10 versions.
|
| CVE-2026-22335 |
|
Subscriber SQL Injection in WooCommerce Frontend Manager – Ultimate < 6.7.7 versions.
Subscriber SQL Injection in WooCommerce Frontend Manager – Ultimate < 6.7.7 versions.
|
| CVE-2026-22332 |
|
Unauthenticated SQL Injection in Tutor LMS Pro <= 3.9.6 versions.
Unauthenticated SQL Injection in Tutor LMS Pro <= 3.9.6 versions.
|
| CVE-2026-22340 |
|
Unauthenticated SQL Injection in WPJobster <= 6.3.5 versions.
Unauthenticated SQL Injection in WPJobster <= 6.3.5 versions.
|
| CVE-2026-12360 |
|
SQL Injection in wordpress (CVE-2026-12360)
SQL injection in wordpress (CVE-2026-12360). Confidential information can be exposed externally.
|
| CVE-2025-69135 |
|
Subscriber SQL Injection in Events Schedule - WordPress Events Calendar Plugin <= 2.7.2 versions.
Subscriber SQL Injection in Events Schedule - WordPress Events Calendar Plugin <= 2.7.2 versions.
|
| CVE-2026-52715 |
|
Unauthenticated SQL Injection in GEO my WordPress <= 4.5.5 versions.
Unauthenticated SQL Injection in GEO my WordPress <= 4.5.5 versions.
|
| CVE-2026-49772 |
|
SQL Injection in sqli (CVE-2026-49772)
SQL injection in sqli (CVE-2026-49772). Confidential information can be exposed externally.
|
| CVE-2026-39574 |
|
Unauthenticated SQL Injection in InPost Gallery <= 2.1.4.6 versions.
Unauthenticated SQL Injection in InPost Gallery <= 2.1.4.6 versions.
|
| CVE-2026-39581 |
|
Subscriber SQL Injection in WP Sessions Time Monitoring Full Automatic <= 1.1.4 versions.
Subscriber SQL Injection in WP Sessions Time Monitoring Full Automatic <= 1.1.4 versions.
|