Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CVE-2025-28982
CRITICAL CVSS 9.8
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThimPress WP Pipes allows SQL Injection. This issue affects WP Pipes: from n/a through 1.4.3.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Travel WP Travel wp-travel allows SQL Injection.This issue affects WP Travel: from n/a through
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AliRezaMohammadi دکمه، شبکه اجتماعی خرید dokme allows SQL Injection.This issue affects دکمه، شبکه
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla WPGYM allows SQL Injection. This issue affects WPGYM: from n/a through 65.0.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Chill RSVP and Event Management rsvp allows SQL Injection.This issue affects RSVP and Event Man
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in storeapps Smart Manager smart-manager-for-wp-e-commerce allows Blind SQL Injection.This issue affe
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla WPAMS apartment-management allows SQL Injection.This issue affects WPAMS: from n/a throug
CVE-2025-39395
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla WPAMS apartment-management allows SQL Injection.This issue affects WPAMS: from n/a throug
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Blind SQL Injection.This issue
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OpenText™ Digital Asset Management. T he vulnerability could allow an authenticated user to run a
CVE-2025-46460
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Detheme Easy Guide wp-easy-guide allows SQL Injection.This issue affects Easy Guide: from n/a thro
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows SQL Injection.This issue affects Ultimate WP M
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stark Digital WP Testimonial Widget.This issue affects WP Testimonial Widget: from n/a through 3.1
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stefano Lissa Newsletter newsletter allows Blind SQL Injection.This issue affects Newsletter: from
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bulktheme WOOEXIM wooexim allows SQL Injection.This issue affects WOOEXIM: from n/a through <= 5.0
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AmentoTech WP Guppy wp-guppy allows SQL Injection.This issue affects WP Guppy: from n/a through <=
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Moreconvert Team MC Woocommerce Wishlist smart-wishlist-for-more-convert allows SQL Injection.This
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone woozone allows Blind SQL Injection.This issue affects WZone: from n/a through <= 14.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ProfitShare.ro WP Profitshare wp-profitshare allows SQL Injection.This issue affects WP Profitshar
CVE-2026-42672
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wp Directory Kit WP Directory Kit allows Blind SQL Injection. This issue affects WP Directory Kit