|
3881
|
6.5 |
MEDIUM
Network
|
-
|
-
|
The LearnDash LMS plugin for WordPress is vulnerable to blind time-based SQL Injection via the 'filters[orderby_order]' parameter in the 'learndash_propanel_template' AJAX action in all versions up t…
|
CWE-89
SQL Injection
|
CVE-2026-3079
|
2026-04-25 01:32 |
2026-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3882
|
6.5 |
MEDIUM
Network
|
-
|
-
|
El plugin LearnDash LMS para WordPress es vulnerable a inyección SQL ciega basada en tiempo a través del parámetro 'filters[orderby_order]' en la acción AJAX 'learndash_propanel_template' en todas la…
|
CWE-89
SQL Injection
|
CVE-2026-3079
|
2026-04-25 01:32 |
2026-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3883
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was detected in SourceCodester Online Library Management System 1.0. The impacted element is an unknown function of the file /home.php of the component Parameter Handler. Performing a…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-4624
|
2026-04-25 01:32 |
2026-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3884
|
7.3 |
HIGH
Network
|
-
|
-
|
Se detectó una vulnerabilidad en SourceCodester Online Library Management System 1.0. El elemento afectado es una función desconocida del archivo /home.php del componente Gestor de Parámetros. Realiz…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-4624
|
2026-04-25 01:32 |
2026-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3885
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in SourceCodester Online Admission System 1.0. This affects an unknown function of the file /programmes.php. Executing a manipulation of the argument program can lead to sql inj…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-4625
|
2026-04-25 01:32 |
2026-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3886
|
7.3 |
HIGH
Network
|
-
|
-
|
Se ha encontrado un fallo en SourceCodester Online Admission System 1.0. Esto afecta a una función desconocida del archivo /programmes.php. La ejecución de una manipulación del argumento program pued…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-4625
|
2026-04-25 01:32 |
2026-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3887
|
7.3 |
HIGH
Network
|
-
|
-
|
A security vulnerability has been detected in DefaultFuction Jeson-Customer-Relationship-Management-System up to 1b4679c4d06b90d31dd521c2b000bfdec5a36e00. This affects an unknown function of the file…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-4623
|
2026-04-25 01:32 |
2026-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3888
|
7.3 |
HIGH
Network
|
-
|
-
|
Una vulnerabilidad de seguridad ha sido detectada en DefaultFuction Jeson-Customer-Relationship-Management-System hasta 1b4679c4d06b90d31dd521c2b000bfdec5a36e00. Esto afecta una función desconocida d…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-4623
|
2026-04-25 01:32 |
2026-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3889
|
6.5 |
MEDIUM
Network
|
-
|
-
|
The Product Filter for WooCommerce by WBW plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check in all versions up to, and including, 3.1.2. This is due to th…
|
CWE-862
Missing Authorization
|
CVE-2026-3138
|
2026-04-25 01:32 |
2026-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3890
|
6.5 |
MEDIUM
Network
|
-
|
-
|
El plugin Product Filter for WooCommerce by WBW para WordPress es vulnerable a la pérdida de datos no autorizada debido a una comprobación de capacidad faltante en todas las versiones hasta la 3.1.2,…
|
CWE-862
Missing Authorization
|
CVE-2026-3138
|
2026-04-25 01:32 |
2026-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
