PT-2025-27905 · Click & Pledge · Click & Pledge Connect

Name of the Vulnerable Software and Affected Versions: Click & Pledge Connect versions 25.04010101 through WP6.8 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for privilege escalation...

WordPress plugin Click & Pledge Connect SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

CVE-2025-32550

CVE-2025-32550 is an unauthenticated SQL Injection in Click & Pledge Connect Plugin for WordPress. Affected: Click & Pledge Connect Plugin versions 2.24080000 up to WP6.6.1. The issue is cataloged with CVSS v3.1 base score 7.2 (High) and a network attack vector with no user interaction and change...