2 matches found
CVE-2025-4840
The inprosysmedia-likes-dislikes-post WordPress plugin through 1.0.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...
CVE-2025-4840
creationtimestamp| type| source ---|---|--- 2025-06-10 06:30:14+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17834 2025-06-10 09:59:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lramzvpfgj2p 2025-09-29 21:02:22+00:00| seen|...