CVE Daily
← All tags

Tag: Time-based SQL Injection

All CVEs associated with "Time-based SQL Injection". Page 1/1 • 5 CVEs.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2025-08-13
High

CVE-2025-6184

The Tutor LMS Pro – eLearning and online course solution plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter used in the get_submitted_assignments() function in a…

CVSS: 8.8 CWE: CWE-89
Read more
2025-08-06
High

CVE-2025-7036

The CleverReach® WP plugin for WordPress is vulnerable to time-based SQL Injection via the ‘title’ parameter in all versions up to, and including, 1.5.20 due to insufficient escaping on the user supp…

CVSS: 7.5 CWE: CWE-89
Read more
2025-07-30
Medium

CVE-2025-6348

The Smart Slider 3 plugin for WordPress is vulnerable to time-based SQL Injection via the ‘sliderid’ parameter in all versions up to, and including, 3.5.1.28 due to insufficient escaping on the user…

CVSS: 4.9 CWE: CWE-89
Read more
2025-07-26
High

CVE-2024-13507

The GeoDirectory – WP Business Directory Plugin and Classified Listings Directory plugin for WordPress is vulnerable to time-based SQL Injection via the dist parameter in all versions up to, and incl…

CVSS: 7.5 CWE: CWE-89
Read more
2025-07-18
Medium

CVE-2025-7638

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to time-based SQL Injection via the `order_by` parameter in all versions up to, and includin…

CVSS: 4.9 CWE: CWE-89
Read more