CVE-2025-26946

HIGH Year: 2025
CVSS v3 Score
7.6
High
Weakness Type
CWE-89
View all →

Vulnerability Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in jgwhite33 WP Yelp Review Slider allows Blind SQL Injection. This issue affects WP Yelp Review Slider: from n/a through 8.1.

Related Vulnerabilities

CVE-2016-8928

HIGH
CVSS:7.6(High)

IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the ...

CWE-892016

CVE-2016-8930

HIGH
CVSS:7.6(High)

IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the ...

CWE-892016

CVE-2019-19094

HIGH
CVSS:7.6(High)

Lack of input checks for SQL queries in ABB eSOMS versions 3.9 to 6.0.3 might allow an attacker SQL injection attacks against the backend database.

CWE-892019

CVE-2019-4481

HIGH
CVSS:7.6(High)

IBM Contract Management 10.1.0 through 10.1.3 and IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which...

CWE-892019

CVE-2019-4483

HIGH
CVSS:7.6(High)

IBM Contract Management 10.1.0 through 10.1.3 and IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which...

CWE-892019

CVE-2019-4752

HIGH
CVSS:7.6(High)

IBM Emptoris Spend Analysis and IBM Emptoris Strategic Supply Management Platform 10.1.0.x, 10.1.1.x, and 10.1.3.x is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL st...

CWE-892019