Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CVE-2025-11024
CRITICAL CVSS 9.8
Find Similar
Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows Blind SQL Injection. Thi
The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to blind SQL Injection via the `phrase` parameter in all versions up to, and including, 1.3.7.1 due to insuf
CVE-2025-32565
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in vertim Neon Product Designer neon-product-designer-for-woocommerce allows SQL Injection.This issue
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in vertim Neon Product Designer neon-product-designer-for-woocommerce allows SQL Injection.This issue
CVE-2026-40797
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saleswonder LLC WebinarIgnition allows Blind SQL Injection. This issue affects WebinarIgnition: f
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in acowebs Product Labels For Woocommerce aco-product-labels-for-woocommerce allows Blind SQL Injecti
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in themepassion Ultra Portfolio ultra-portfolio allows Blind SQL Injection.This issue affects Ultra P
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VillaTheme WPBulky wpbulky-wp-bulk-edit-post-types allows Blind SQL Injection.This issue affects W
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in flycart UpsellWP checkout-upsell-and-order-bumps allows Blind SQL Injection.This issue affects Ups
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Josh Kohlbach Advanced Coupons for WooCommerce Coupons advanced-coupons-for-woocommerce-free.This
CVE-2025-31553
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPFactory Advanced WooCommerce Product Sales Reporting webd-woocommerce-advanced-reporting-statist
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in acowebs Dynamic Pricing With Discount Rules for WooCommerce aco-woo-dynamic-pricing allows Blind S
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Anzar Ahmed Ni WooCommerce Cost Of Goods ni-woocommerce-cost-of-goods.This issue affects Ni WooCom
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YayCommerce YayMail yaymail allows Blind SQL Injection.This issue affects YayMail: from n/a throug
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in edanzer Easy Query – WP Query Builder easy-query allows Blind SQL Injection.This issue affects Eas
CVE-2025-39496
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WBW WooBeWoo Product Filter Pro allows SQL Injection.This issue affects WooBeWoo Product Filter Pr
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mrcheck116 FERMA.ru.net ferma-ru-net-checkout allows Blind SQL Injection.This issue affects FERMA.
CVE-2025-39445
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in highwarden Super Store Finder superstorefinder-wp allows SQL Injection.This issue affects Super St
CVE-2025-28898
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPExperts.io WP Multistore Locator wp-multi-store-locator allows SQL Injection.This issue affects
CVE-2024-56290
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in silverplugins217 Multiple Shipping And Billing Address For Woocommerce different-shipping-and-bill