CVE-2025-14050

The Design Import/Export plugin for WordPress is vulnerable to SQL Injection via XML File Import in all versions up to, and including, 2.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

CVE-2025-14050

CVE-2025-14050 : The WordPress plugin “Design Import/Export – Styles, Templates, Template Parts and Patterns” is affected by an SQL Injection via XML File Import in all versions up to 2.2. The root cause is insufficient escaping of the user-supplied parameter and a poorly prepared SQL query, enab...

CVE-2025-14050 Design Import/Export <= 2.2 - Authenticated (Administrator+) SQL Injection via XML File Import

The Design Import/Export plugin for WordPress is vulnerable to SQL Injection via XML File Import in all versions up to, and including, 2.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

WordPress plugin Design Import/Export SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A SQL injection...