Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (18850 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-47575 2026-04-28 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla School Management allows SQL Injection. This issue affects School Management: from n/a through 92.0.0.
CVE-2025-47573 2026-04-28 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla School Management allows Blind SQL Injection. This issue affects School Management: from n/a through 92.0.0.
CVE-2025-39496 2026-04-28 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WBW WooBeWoo Product Filter Pro allows SQL Injection.This issue affects WooBeWoo Product Filter Pro: from n/a before 2.9.6.
CVE-2025-39484 1 Wordpress 1 Wordpress 2026-04-28 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Waituk Entrada allows SQL Injection.This issue affects Entrada: from n/a through 5.7.7.
CVE-2025-39479 2026-04-28 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in smartiolabs Smart Notification allows Blind SQL Injection. This issue affects Smart Notification: from n/a through 10.3.
CVE-2025-39389 2026-04-28 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Solid Plugins AnalyticsWP allows SQL Injection.This issue affects AnalyticsWP: from n/a through 2.1.2.
CVE-2025-32643 2026-04-28 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla WPGYM allows Blind SQL Injection. This issue affects WPGYM: from n/a through 65.0.
CVE-2025-32574 1 Wordpress 1 Wordpress 2026-04-28 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla WPGYM allows SQL Injection. This issue affects WPGYM: from n/a through 65.0.
CVE-2025-32573 1 Wordpress 1 Wordpress 2026-04-28 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Kiotviet KiotViet Sync allows SQL Injection. This issue affects KiotViet Sync: from n/a through 1.8.3.
CVE-2025-32550 1 Wordpress 1 Wordpress 2026-04-28 7.2 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ClickandPledge Click & Pledge Connect Plugin allows SQL Injection. This issue affects Click & Pledge Connect Plugin: from 2.24080000 through WP6.6.1.
CVE-2025-32303 1 Wordpress 1 Wordpress 2026-04-28 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mojoomla WPCHURCH allows Blind SQL Injection.This issue affects WPCHURCH: from n/a through 2.7.0.
CVE-2025-31044 1 Wordpress 1 Wordpress 2026-04-28 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team Premium SEO Pack allows SQL Injection.This issue affects Premium SEO Pack: from n/a through 3.3.2.
CVE-2025-30633 1 Wordpress 1 Wordpress 2026-04-28 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team Amazon Native Shopping Recommendations allows SQL Injection.This issue affects Amazon Native Shopping Recommendations: from n/a through 1.3.
CVE-2025-30628 2 Aa-team, Wordpress 2 Amazon Affiliates Addon For Wpbakery Page Builder, Wordpress 2026-04-28 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team Amazon Affiliates Addon for WPBakery Page Builder (formerly Visual Composer) allows SQL Injection.This issue affects Amazon Affiliates Addon for WPBakery Page Builder (formerly Visual Composer): from n/a through 1.2.
CVE-2025-28983 1 Wordpress 1 Wordpress 2026-04-28 9.8 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ClickandPledge Click & Pledge Connect allows Privilege Escalation. This issue affects Click & Pledge Connect: from 25.04010101 through WP6.8.
CVE-2025-28982 2 Thimpress, Wordpress 2 Wp Pipes, Wordpress 2026-04-28 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThimPress WP Pipes allows SQL Injection. This issue affects WP Pipes: from n/a through 1.4.3.
CVE-2025-28949 2 Codedraft, Wordpress 2 Mediabay - Wordpress Media Library Folders, Wordpress 2026-04-28 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Codedraft Mediabay - WordPress Media Library Folders allows Blind SQL Injection.This issue affects Mediabay - WordPress Media Library Folders: from n/a through 1.4.
CVE-2025-22350 2 Wordpress, Wpindeed 2 Wordpress, Ultimate Learning Pro 2026-04-28 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WpIndeed Ultimate Learning Pro allows SQL Injection.This issue affects Ultimate Learning Pro: from n/a through 3.9.
CVE-2024-54284 1 Wordpress 1 Wordpress 2026-04-28 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SeedProd LLC SeedProd Pro allows SQL Injection.This issue affects SeedProd Pro: from n/a through 6.18.10.
CVE-2024-54283 1 Wordpress 1 Wordpress 2026-04-28 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SeedProd LLC SeedProd Pro allows SQL Injection.This issue affects SeedProd Pro: from n/a through 6.18.10.