3 matches found
CVE-2025-24612
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ihor Kit Shipping for Nova Poshta nova-poshta-ttn allows SQL Injection.This issue affects Shipping for Nova Poshta: from n/a through = 1.19.6...
CVE-2025-24612
creationtimestamp| type| source ---|---|--- 2025-01-27 14:16:21+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgq4waswas2f 2025-01-27 14:23:32+00:00| seen| https://infosec.exchange/users/cve/statuses/113900769227324519 2025-01-27 14:55:07+00:00| seen|...
CVE-2025-24612
CVE-2025-24612: Affected product is WordPress Shipping for Nova Poshta plugin (versions n/a through 1.19.6). The root cause is improper neutralization of special elements used in SQL commands, enabling SQL injection. Exploitation details are not described in the provided sources, but the CVSS met...