exploitDog

GHSA-3rxm-qjgx-2m73

Опубликовано: 04 июл. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ClickandPledge Click & Pledge Connect allows Privilege Escalation. This issue affects Click & Pledge Connect: from 25.04010101 through WP6.8.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ClickandPledge Click & Pledge Connect allows Privilege Escalation. This issue affects Click & Pledge Connect: from 25.04010101 through WP6.8.

Ссылки

EPSS

Процентиль: 12%

0.00041

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2025-28983

CVSS3: 9.8

nvd

7 месяцев назад

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ClickandPledge Click & Pledge Connect allows Privilege Escalation. This issue affects Click & Pledge Connect: from 25.04010101 through WP6.8.

EPSS

Процентиль: 12%

0.00041

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89