Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in levelfourdevelopment WP EasyCart wp-easycart allows Blind SQL Injection.This issue affects WP Easy
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in edanzer Easy Query – WP Query Builder easy-query allows Blind SQL Injection.This issue affects Eas
CVE-2025-47569
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPSwings WooCommerce Ultimate Gift Card woocommerce-ultimate-gift-card allows Blind SQL Injection.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdever Cart tracking for WooCommerce cart-tracking-for-woocommerce allows SQL Injection.This issu
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YITH YITH WooCommerce Product Add-Ons allows Blind SQL Injection. This issue affects YITH WooComm
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdever Cart tracking for WooCommerce cart-tracking-for-woocommerce allows SQL Injection.This issu
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saad Iqbal APIExperts Square for WooCommerce woosquare allows Blind SQL Injection.This issue affec
CVE-2026-42672
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wp Directory Kit WP Directory Kit allows Blind SQL Injection. This issue affects WP Directory Kit
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BeRocket Brands for WooCommerce brands-for-woocommerce allows Blind SQL Injection.This issue affec
CVE-2026-39531
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wp Directory Kit WP Directory Kit allows Blind SQL Injection. This issue affects WP Directory Kit
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Philipp Speck WordPress Custom Sidebar wordpress-custom-sidebar allows Blind SQL Injection.This is
CVE-2026-42747
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in hassantafreshi Easy Form Builder easy-form-builder allows Blind SQL Injection.This issue affects E
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in flycart UpsellWP checkout-upsell-and-order-bumps allows Blind SQL Injection.This issue affects Ups
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPMU DEV - Your All-in-One WordPress Platform Broken Link Checker broken-link-checker allows Blind
CVE-2025-31565
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Lisandro Martinez WPSmartContracts wp-smart-contracts allows Blind SQL Injection.This issue affect
CVE-2026-39494
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WBW Plugins Product Filter by WBW allows Blind SQL Injection. This issue affects Product Filter b
CVE-2026-24993
CRITICAL CVSS 9.3
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPFactory Advanced WooCommerce Product Sales Reporting webd-woocommerce-advanced-reporting-statist
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Moreconvert Team MC Woocommerce Wishlist smart-wishlist-for-more-convert allows SQL Injection.This
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Blind SQL Injection.This issue
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YayCommerce YayMail yaymail allows Blind SQL Injection.This issue affects YayMail: from n/a throug
Page 1+ Next →