Lucene search
K

5 matches found

Packet Storm
Packet Storm
added 2025/07/11 12:0 a.m.101 views

📄 WordPress File Provider 1.2.3 SQL Injection

WordPress File Provider plugin versions 1.2.3 and below suffer from an unauthenticated remote SQL injection vulnerability. CVE-2025-4578 File Provider = 1.2.3 - Unauthenticated SQL Injection Description The File Provider plugin for WordPress is vulnerable to SQL Injection via the 'fileId' paramet...

9.8CVSS8.6AI score0.00475EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2025/06/06 6:21 a.m.12 views

CVE-2025-4578

The File Provider WordPress plugin through 1.2.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

9.8CVSS7.2AI score0.00475EPSS
Exploits3References1
Circl
Circl
added 2025/06/04 7:10 a.m.27 views

CVE-2025-4578

creationtimestamp| type| source ---|---|--- 2025-06-04 07:10:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lqratazuqm2e 2025-07-10 21:00:04+00:00| exploited| Telegram/kabkSjcaer5upRB0Ibwq9GK8VGQatVOtX1VoUjYbdl2MlGc 2026-06-19 12:46:00+00:00| exploited|...

9.8CVSS7.3AI score0.00475EPSS
Exploits3References2
NVD
NVD
added 2025/06/04 6:15 a.m.27 views

CVE-2025-4578

The File Provider WordPress plugin through 1.2.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

9.8CVSS0.00475EPSS
Exploits3References1
CVE
CVE
added 2025/06/04 6:0 a.m.74 views

CVE-2025-4578

CVE-2025-4578 affects the WordPress File Provider plugin (

9.8CVSS7.3AI score0.00475EPSS
Exploits3References1Affected Software1
Rows per page
Query Builder