exploitDog

GHSA-wmwp-pv69-5487

Опубликовано: 20 авг. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 9.3

Описание

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in miniOrange Custom API for WP allows SQL Injection. This issue affects Custom API for WP: from n/a through 4.2.2.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in miniOrange Custom API for WP allows SQL Injection. This issue affects Custom API for WP: from n/a through 4.2.2.

Ссылки

EPSS

Процентиль: 10%

0.00035

Низкий

9.3 Critical

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2025-54048

CVSS3: 9.3

nvd

6 месяцев назад

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in miniOrange Custom API for WP allows SQL Injection. This issue affects Custom API for WP: from n/a through 4.2.2.

EPSS

Процентиль: 10%

0.00035

Низкий

9.3 Critical

CVSS3

CVE ID

Дефекты

CWE-89