Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CVE-2025-59557
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThemeMove Learts Addons learts-addons allows SQL Injection.This issue affects Learts Addons: from
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PickPlugins Wishlist wishlist allows SQL Injection.This issue affects Wishlist: from n/a through <
CVE-2025-67928
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in themesuite Automotive Listings automotive allows Blind SQL Injection.This issue affects Automotive
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OpenText™ Digital Asset Management. T he vulnerability could allow an authenticated user to run a
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in manu225 Falling things falling-things allows SQL Injection.This issue affects Falling things: from
CVE-2024-56039
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes VibeBP vibebp allows SQL Injection.This issue affects VibeBP: from n/a through < 1.9.9.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.2.
A improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow attacker to execute unauthorized code or comm
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in DeluxeThemes Userpro userpro.This issue affects Userpro: from n/a through <= 5.1.9.
CVE-2025-39474
CRITICAL CVSS 9.8
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThemeMove Amely amely allows SQL Injection.This issue affects Amely: from n/a through <= 3.1.4.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in aaronfrey Nearby Locations nearby-locations allows SQL Injection.This issue affects Nearby Locatio
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AyeCode Ltd GeoDirectory.This issue affects GeoDirectory: from n/a through 2.3.61.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PickPlugins Wishlist wishlist allows SQL Injection.This issue affects Wishlist: from n/a through <
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Constantin Boiangiu Vimeotheque codeflavors-vimeo-video-post-lite allows SQL Injection.This issue
CVE-2024-55972
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in chriscarvache eTemplates etemplates allows SQL Injection.This issue affects eTemplates: from n/a t
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.1.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes VibeBP vibebp allows SQL Injection.This issue affects VibeBP: from n/a through < 1.9.9.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Brandon White Author Discussion author-discussion allows Blind SQL Injection.This issue affects Au
CVE-2025-22655
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Caio Web Dev CWD – Stealth Links cwd-stealth-links allows SQL Injection.This issue affects CWD – S
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Infility Infility Global infility-global allows SQL Injection.This issue affects Infility Global: