CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Description
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7
CVEs mapped to this weakness (10,236)
page 232 of 512| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-6717 | Med | 0.42 | 6.5 | 0.00 | Jul 18, 2025 | The B1.lt plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 2.2.56 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for… | ||
| CVE-2025-29267 | Med | 0.42 | 6.5 | 0.00 | Jul 8, 2025 | SQL Injection vulnerability in Abis, Inc Adjutant Core Accounting ERP build v.PreBeta250F allows a remote attacker to obtain a sensitive information via the cid parameter in the GET request. | ||
| CVE-2025-5673 | Med | 0.42 | 6.5 | 0.00 | Jun 17, 2025 | The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to SQL Injection via the ‘prgSortPostType’ parameter in all versions up to, and including, 8.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient… | ||
| CVE-2025-5563 | Med | 0.42 | 6.5 | 0.00 | Jun 6, 2025 | The WP-Addpub plugin for WordPress is vulnerable to SQL Injection via the 'wp-addpub' shortcode in all versions up to, and including, 1.2.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it… | ||
| CVE-2025-27753 | Med | 0.42 | 6.5 | 0.00 | Jun 5, 2025 | A SQLi vulnerability in RSMediaGallery component 1.7.4 - 2.1.6 for Joomla was discovered. The vulnerability is due to the use of unescaped user-supplied parameters in SQL queries within the dashboard component. This allows an authenticated attacker to inject malicious SQL code… | ||
| CVE-2025-48912 | Med | 0.42 | 6.5 | 0.01 | May 30, 2025 | An authenticated malicious actor using specially crafted requests could bypass row level security configuration by injecting SQL into 'sqlExpression' fields. This allowed the execution of sub-queries to evade parsing defenses ultimately granting unauthorized access to data. … | ||
| CVE-2025-47460 | Hig | 0.42 | 7.6 | 0.00 | May 7, 2025 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TrackShip TrackShip for WooCommerce trackship-for-woocommerce allows SQL Injection.This issue affects TrackShip for WooCommerce: from n/a through <= 1.9.1. | ||
| CVE-2024-12023 | Med | 0.42 | 6.5 | 0.00 | May 2, 2025 | The FULL – Cliente plugin for WordPress is vulnerable to SQL Injection via the 'formId' parameter in all versions 3.1.5 to 3.1.25 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible… | ||
| CVE-2025-2890 | Med | 0.42 | 6.5 | 0.00 | Apr 30, 2025 | The tagDiv Opt-In Builder plugin for WordPress is vulnerable to time-based SQL Injection via the ‘subscriptionCouponId’ parameter in all versions up to, and including, 1.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the… | ||
| CVE-2025-28076 | Med | 0.42 | 6.5 | 0.00 | Apr 25, 2025 | Multiple SQL injection vulnerabilities in EasyVirt DCScope <= 8.6.4 and CO2Scope <= 1.3.4 allows remote authenticated attackers to execute arbitrary SQL commands via the (1) timeago, (2) user, (3) filter, (4) target, (5) p1, (6) p2, (7) p3, (8) p4, (9) p5, (10) p6, (11) p7, (12)… | ||
| CVE-2025-3280 | Med | 0.42 | 6.5 | 0.00 | Apr 24, 2025 | The ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes plugin for WordPress is vulnerable to SQL Injection via the 'attribute_value_filter' parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack… | ||
| CVE-2025-2010 | Hig | 0.42 | 7.5 | 0.02 | Apr 19, 2025 | The JobWP – Job Board, Job Listing, Career Page and Recruitment Plugin plugin for WordPress is vulnerable to SQL Injection via the 'jobwp_upload_resume' parameter in all versions up to, and including, 2.3.9 due to insufficient escaping on the user supplied parameter and lack… | ||
| CVE-2025-32993 | Med | 0.42 | 6.5 | 0.00 | Apr 15, 2025 | Vision Helpdesk through 5.7.0 allows Time-Based Blind SQL injection via the Forgot Password (aka index.php?/home/forgot-password) vis_username parameter. Authentication is not needed. | ||
| CVE-2025-29189 | — | Hig | 0.42 | 7.6 | 0.00 | Apr 9, 2025 | Flowise <= 2.2.3 is vulnerable to SQL Injection. via tableName parameter at Postgres_VectorStores. | |
| CVE-2025-1264 | Med | 0.42 | 6.5 | 0.00 | Apr 6, 2025 | The Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links plugin for WordPress is vulnerable to SQL Injection via the 'orderBy' parameter in all versions up to, and including, 1.2.3 due to insufficient escaping on the user supplied parameter and lack… | ||
| CVE-2025-30212 | Hig | 0.42 | 7.5 | 0.00 | Mar 25, 2025 | Frappe is a full-stack web application framework. An SQL Injection vulnerability has been identified in Frappe Framework prior to versions 14.89.0 and 15.51.0 which could allow a malicious actor to access sensitive information. Versions 14.89.0 and 15.51.0 fix the issue.… | ||
| CVE-2025-2186 | Hig | 0.42 | 7.5 | 0.00 | Mar 22, 2025 | The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit plugin for WordPress is vulnerable to SQL Injection via the ‘automationId’ parameter in all versions up to, and including, 3.5.1 due to insufficient escaping on the user… | ||
| CVE-2025-1670 | Med | 0.42 | 6.5 | 0.00 | Mar 15, 2025 | The School Management System – WPSchoolPress plugin for WordPress is vulnerable to SQL Injection via the 'cid' parameter in all versions up to, and including, 2.2.16 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing… | ||
| CVE-2025-1669 | Med | 0.42 | 6.5 | 0.00 | Mar 15, 2025 | The School Management System – WPSchoolPress plugin for WordPress is vulnerable to SQL Injection via the 'addNotify' action in all versions up to, and including, 2.2.17 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the… | ||
| CVE-2025-1702 | Hig | 0.42 | 7.5 | 0.01 | Mar 5, 2025 | The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the 'search' parameter in all versions up to, and including, 2.10.0 due to insufficient… |
- risk 0.42cvss 6.5epss 0.00
The B1.lt plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 2.2.56 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for…
- risk 0.42cvss 6.5epss 0.00
SQL Injection vulnerability in Abis, Inc Adjutant Core Accounting ERP build v.PreBeta250F allows a remote attacker to obtain a sensitive information via the cid parameter in the GET request.
- risk 0.42cvss 6.5epss 0.00
The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to SQL Injection via the ‘prgSortPostType’ parameter in all versions up to, and including, 8.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient…
- risk 0.42cvss 6.5epss 0.00
The WP-Addpub plugin for WordPress is vulnerable to SQL Injection via the 'wp-addpub' shortcode in all versions up to, and including, 1.2.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it…
- risk 0.42cvss 6.5epss 0.00
A SQLi vulnerability in RSMediaGallery component 1.7.4 - 2.1.6 for Joomla was discovered. The vulnerability is due to the use of unescaped user-supplied parameters in SQL queries within the dashboard component. This allows an authenticated attacker to inject malicious SQL code…
- risk 0.42cvss 6.5epss 0.01
An authenticated malicious actor using specially crafted requests could bypass row level security configuration by injecting SQL into 'sqlExpression' fields. This allowed the execution of sub-queries to evade parsing defenses ultimately granting unauthorized access to data. …
- risk 0.42cvss 7.6epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TrackShip TrackShip for WooCommerce trackship-for-woocommerce allows SQL Injection.This issue affects TrackShip for WooCommerce: from n/a through <= 1.9.1.
- risk 0.42cvss 6.5epss 0.00
The FULL – Cliente plugin for WordPress is vulnerable to SQL Injection via the 'formId' parameter in all versions 3.1.5 to 3.1.25 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible…
- risk 0.42cvss 6.5epss 0.00
The tagDiv Opt-In Builder plugin for WordPress is vulnerable to time-based SQL Injection via the ‘subscriptionCouponId’ parameter in all versions up to, and including, 1.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the…
- risk 0.42cvss 6.5epss 0.00
Multiple SQL injection vulnerabilities in EasyVirt DCScope <= 8.6.4 and CO2Scope <= 1.3.4 allows remote authenticated attackers to execute arbitrary SQL commands via the (1) timeago, (2) user, (3) filter, (4) target, (5) p1, (6) p2, (7) p3, (8) p4, (9) p5, (10) p6, (11) p7, (12)…
- risk 0.42cvss 6.5epss 0.00
The ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes plugin for WordPress is vulnerable to SQL Injection via the 'attribute_value_filter' parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack…
- risk 0.42cvss 7.5epss 0.02
The JobWP – Job Board, Job Listing, Career Page and Recruitment Plugin plugin for WordPress is vulnerable to SQL Injection via the 'jobwp_upload_resume' parameter in all versions up to, and including, 2.3.9 due to insufficient escaping on the user supplied parameter and lack…
- risk 0.42cvss 6.5epss 0.00
Vision Helpdesk through 5.7.0 allows Time-Based Blind SQL injection via the Forgot Password (aka index.php?/home/forgot-password) vis_username parameter. Authentication is not needed.
- risk 0.42cvss 7.6epss 0.00
Flowise <= 2.2.3 is vulnerable to SQL Injection. via tableName parameter at Postgres_VectorStores.
- risk 0.42cvss 6.5epss 0.00
The Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links plugin for WordPress is vulnerable to SQL Injection via the 'orderBy' parameter in all versions up to, and including, 1.2.3 due to insufficient escaping on the user supplied parameter and lack…
- risk 0.42cvss 7.5epss 0.00
Frappe is a full-stack web application framework. An SQL Injection vulnerability has been identified in Frappe Framework prior to versions 14.89.0 and 15.51.0 which could allow a malicious actor to access sensitive information. Versions 14.89.0 and 15.51.0 fix the issue.…
- risk 0.42cvss 7.5epss 0.00
The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit plugin for WordPress is vulnerable to SQL Injection via the ‘automationId’ parameter in all versions up to, and including, 3.5.1 due to insufficient escaping on the user…
- risk 0.42cvss 6.5epss 0.00
The School Management System – WPSchoolPress plugin for WordPress is vulnerable to SQL Injection via the 'cid' parameter in all versions up to, and including, 2.2.16 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing…
- risk 0.42cvss 6.5epss 0.00
The School Management System – WPSchoolPress plugin for WordPress is vulnerable to SQL Injection via the 'addNotify' action in all versions up to, and including, 2.2.17 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the…
- risk 0.42cvss 7.5epss 0.01
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the 'search' parameter in all versions up to, and including, 2.10.0 due to insufficient…