Total
17576 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-68550 | 2 Villatheme, Wordpress | 2 Wpbulky, Wordpress | 2026-01-20 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VillaTheme WPBulky allows Blind SQL Injection.This issue affects WPBulky: from n/a through 1.1.13. | ||||
| CVE-2025-68519 | 2 Berocket, Wordpress | 2 Brands For Woocommerce, Wordpress | 2026-01-20 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BeRocket Brands for WooCommerce brands-for-woocommerce allows Blind SQL Injection.This issue affects Brands for WooCommerce: from n/a through <= 3.8.6.3. | ||||
| CVE-2025-68496 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Blind SQL Injection.This issue affects User Feedback: from n/a through <= 1.10.1. | ||||
| CVE-2025-68056 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup LBG Zoominoutslider lbg_zoominoutslider allows SQL Injection.This issue affects LBG Zoominoutslider: from n/a through <= 5.4.5. | ||||
| CVE-2025-68055 | 2 Themefic, Wordpress | 2 Hydra Booking, Wordpress | 2026-01-20 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themefic Hydra Booking hydra-booking allows SQL Injection.This issue affects Hydra Booking: from n/a through <= 1.1.32. | ||||
| CVE-2025-68054 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup CountDown With Image or Video Background countdown_with_background allows Blind SQL Injection.This issue affects CountDown With Image or Video Background: from n/a through <= 1.5. | ||||
| CVE-2025-68053 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup xPromoter top_bar_promoter allows Blind SQL Injection.This issue affects xPromoter: from n/a through <= 1.3.4. | ||||
| CVE-2025-67999 | 2 Stefanno Lissa, Wordpress | 2 Newsletter, Wordpress | 2026-01-20 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stefano Lissa Newsletter newsletter allows Blind SQL Injection.This issue affects Newsletter: from n/a through <= 9.0.9. | ||||
| CVE-2025-67962 | 2 Aioseo, Wordpress | 2 Broken Link Checker, Wordpress | 2026-01-20 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AIOSEO Plugin Team Broken Link Checker broken-link-checker-seo allows SQL Injection.This issue affects Broken Link Checker: from n/a through <= 1.2.6. | ||||
| CVE-2025-67950 | 2 Syed Balkhi, Wordpress | 2 All In One Seo Pack, Wordpress | 2026-01-20 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Syed Balkhi All In One SEO Pack all-in-one-seo-pack allows Blind SQL Injection.This issue affects All In One SEO Pack: from n/a through <= 4.9.1. | ||||
| CVE-2025-67928 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in themesuite Automotive Listings automotive allows Blind SQL Injection.This issue affects Automotive Listings: from n/a through <= 18.6. | ||||
| CVE-2025-67921 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VanKarWai Lobo lobo allows Blind SQL Injection.This issue affects Lobo: from n/a through < 2.8.6. | ||||
| CVE-2025-67520 | 2 Tinysolutions, Wordpress | 2 Media Library Tools, Wordpress | 2026-01-20 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tiny Solutions Media Library Tools media-library-tools allows SQL Injection.This issue affects Media Library Tools: from n/a through <= 1.6.15. | ||||
| CVE-2025-67519 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shahjahan Jewel Ninja Tables ninja-tables allows SQL Injection.This issue affects Ninja Tables: from n/a through <= 5.2.3. | ||||
| CVE-2025-67518 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Accordion Slider PRO accordion_slider_pro allows Blind SQL Injection.This issue affects Accordion Slider PRO: from n/a through <= 1.2. | ||||
| CVE-2025-67517 | 2 Artplacer, Wordpress | 2 Artplacer Widget, Wordpress | 2026-01-20 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in artplacer ArtPlacer Widget artplacer-widget allows Blind SQL Injection.This issue affects ArtPlacer Widget: from n/a through <= 2.22.9.2. | ||||
| CVE-2025-67516 | 2 Agile Logix, Wordpress | 2 Store Locator Wordpress, Wordpress Mu | 2026-01-20 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Agile Logix Store Locator WordPress agile-store-locator allows Blind SQL Injection.This issue affects Store Locator WordPress: from n/a through <= 1.6.2. | ||||
| CVE-2025-66095 | 2 Iqonic, Wordpress | 2 Kivicare, Wordpress | 2026-01-20 | 4.3 Medium |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows SQL Injection.This issue affects KiviCare: from n/a through <= 3.6.13. | ||||
| CVE-2025-64371 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in shinetheme Traveler traveler allows Blind SQL Injection.This issue affects Traveler: from n/a through < 3.2.6. | ||||
| CVE-2025-64366 | 2 Stylemixthemes, Wordpress | 2 Masterstudy Lms, Wordpress | 2026-01-20 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stylemix MasterStudy LMS masterstudy-lms-learning-management-system allows Blind SQL Injection.This issue affects MasterStudy LMS: from n/a through <= 3.6.27. | ||||