Eight Day Week Print Workflow
Approved changes feed: RSS · Atom
cpe:2.3:a:10up:eight_day_week_print_workflow:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | 10Up (881e212c-90bc-5d75-a450-4d45d1038060) |
|---|---|
| Product | Eight Day Week Print Workflow (2ea714f3-d042-59ff-ae23-147e8592460f) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-5028 |
vulnerable | 2026-06-08 08:07:02.896883 |
Eight Day Week Print Workflow <= 1.2.6 - Authenticated (Subscriber+) SQL Injection via 'title' Parameter
MEDIUM (6.5)
The Eight Day Week Print Workflow plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'title' parameter in the `pp-get-articles` AJAX action in all versions up to, and including, 1.2.6. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Published: 2026-05-12T07:48:28.502Z
Updated: 2026-05-12T12:44:45.737Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-67621 |
vulnerable | 2026-06-08 07:41:20.222357 |
WordPress Eight Day Week Print Workflow plugin <= 1.2.5 - Sensitive Data Exposure vulnerability
MEDIUM (4.3)
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in 10up Eight Day Week Print Workflow eight-day-week-print-workflow allows Retrieve Embedded Sensitive Data.This issue affects Eight Day Week Print Workflow: from n/a through <= 1.2.5.
Published: 2025-12-24T13:10:20.740Z
Updated: 2026-04-28T16:14:22.804Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.