4 matches found
CVE-2025-28986
Cross-Site Request Forgery CSRF vulnerability in Webaholicson Epicwin Plugin epicwin-subscribers allows SQL Injection.This issue affects Epicwin Plugin: from n/a through = 1.5...
CVE-2025-28986
CVE-2025-28986 is a CSRF-triggered SQL injection vulnerability in the Epicwin WordPress plugin (Epicwin Plugin) that affects versions up to 1.5. The vulnerability is documented with a CVSSv3.1 base score of 8.2 (HIGH), indicating high impact with network access, low attack complexity, no privileg...
CVE-2025-28986 WordPress Epicwin Plugin plugin <= 1.5 - CSRF to SQL Injection vulnerability
Cross-Site Request Forgery CSRF vulnerability in Webaholicson Epicwin Plugin epicwin-subscribers allows SQL Injection.This issue affects Epicwin Plugin: from n/a through = 1.5...
WordPress Epicwin Plugin plugin <= 1.5 - CSRF to SQL Injection vulnerability
CSRF to SQL Injection vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Epicwin Plugin versions = 1.5...