Approved changes feed: RSS · Atom

cpe:2.3:a:10up:eight_day_week_print_workflow:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor10Up (881e212c-90bc-5d75-a450-4d45d1038060)
ProductEight Day Week Print Workflow (2ea714f3-d042-59ff-ae23-147e8592460f)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2026-5028 vulnerable 2026-06-08 08:07:02.896883 Eight Day Week Print Workflow <= 1.2.6 - Authenticated (Subscriber+) SQL Injection via 'title' Parameter
MEDIUM (6.5)
The Eight Day Week Print Workflow plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'title' parameter in the `pp-get-articles` AJAX action in all versions up to, and including, 1.2.6. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Published: 2026-05-12T07:48:28.502Z
Updated: 2026-05-12T12:44:45.737Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-67621 vulnerable 2026-06-08 07:41:20.222357 WordPress Eight Day Week Print Workflow plugin <= 1.2.5 - Sensitive Data Exposure vulnerability
MEDIUM (4.3)
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in 10up Eight Day Week Print Workflow eight-day-week-print-workflow allows Retrieve Embedded Sensitive Data.This issue affects Eight Day Week Print Workflow: from n/a through <= 1.2.5.
Published: 2025-12-24T13:10:20.740Z
Updated: 2026-04-28T16:14:22.804Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.