CVE-2026-6457 - Geo Mashup <= 1.13.19 - Authenticated (Subscriber+) SQL Injection via 'geo_mashup_null_fields' Parameter
CVE ID :CVE-2026-6457 Published : May 2, 2026, 7:46 a.m. | 20 minutes ago Description :The Geo Mashup plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'geo_mashup_null_fields' parameter in all versions up to, and including, 1.13.19 due to insufficient escaping on th
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] İranlı Gruptan Ubuntu’ya Saldırı
- [CYBER] INSA Inks Proclamation to Bolster Cybersecurity Defenses
- [CYBER] From Hardship to Hazard: Tackling Ethiopia’s Migration Pressures
- [CYBER] CVE-2026-31431: Copy Fail vulnerability enables Linux root privilege escalation across cloud environments | Microsoft Security Blog
- [CYBER] CVE-2026-41940 cPanel Exploitation From a Honeypot Perspective
- [CYBER] New Deep#Door RAT uses stealth and persistence to target Windows