6 matches found
WordPress WP-PManager plugin <= 1.2 - Admin+ SQL Injection vulnerability
Admin+ SQL Injection vulnerability discovered by Bob Matyas in WordPress Plugin WP-PManager versions = 1.2...
CVE-2025-2248
The WP-PManager WordPress plugin through 1.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...
CVE-2025-2248
Summary (CVE-2025-2248) WP-PManager WordPress plugin (versions ≤ 1.2) exposes a SQL injection risk: a parameter is not sanitized/escaped before use in a SQL statement, enabling admin-level exploitation. The root cause is improper input handling in the plugin’s database query construction. Documen...
CVE-2025-2248 WP-PManager <= 1.2 - Admin+ SQL Injection
The WP-PManager WordPress plugin through 1.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...
CVE-2025-2248 WP-PManager <= 1.2 - Admin+ SQL Injection
The WP-PManager WordPress plugin through 1.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...
CVE-2025-2248
creationtimestamp| type| source ---|---|--- 2025-04-28 02:57:52+00:00| seen| https://bsky.app/profile/thewhynet.bsky.social/post/3lntrgsnq6x2h 2025-05-16 20:34:57+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16753...