2025-03-22 | CVE-2025-2627 | SQL Injection vulnerability in PHPgurukul ART Gallery Management System 1.0. A vulnerability, which was classified as critical, has been found in PHPGurukul Art Gallery Management System 1.0. | 9.8 |
2025-03-22 | CVE-2025-2625 | SQL Injection vulnerability in Westboy Cicadascms 1.0. A vulnerability classified as critical has been found in westboy CicadasCMS 1.0. | 4.9 |
2025-03-22 | CVE-2025-2624 | SQL Injection vulnerability in Westboy Cicadascms 1.0. A vulnerability was found in westboy CicadasCMS 1.0. | 7.5 |
2025-03-22 | CVE-2025-2186 | The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit plugin for WordPress is vulnerable to SQL Injection via the ‘automationId’ parameter in all versions up to, and including, 3.5.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 7.5 |
2025-03-22 | CVE-2025-1311 | The WooCommerce Multivendor Marketplace – REST API plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in the update_delivery_status() function in all versions up to, and including, 1.6.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 6.5 |
2025-03-22 | CVE-2025-2478 | The Code Clone plugin for WordPress is vulnerable to time-based SQL Injection via the ‘snippetId’ parameter in all versions up to, and including, 0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 4.9 |
2025-03-22 | CVE-2025-0723 | SQL Injection vulnerability in Metagauss Profilegrid. The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to blind and time-based SQL Injections via the rid and search parameters in all versions up to, and including, 5.9.4.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 6.5 |
2025-03-21 | CVE-2025-2587 | SQL Injection vulnerability in Jinher OA C6 1.0. A vulnerability, which was classified as critical, was found in Jinher OA C6 1.0. | 6.3 |
2025-03-21 | CVE-2025-2585 | EBM Maintenance Center from EBM Technologies has a SQL Injection vulnerability, allowing remote attackers with regular privileges to inject arbitrary SQL commands to read, modify, and delete database contents. | 8.8 |
2025-03-20 | CVE-2024-12016 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CM Informatics CM News allows SQL Injection. This issue affects CM News: through 6.0. NOTE: The vendor was contacted and it was learned that the product is not supported. (Network; low complexity; CWE-89; critical.) | 9.8 |