exploitDog

CVE-2025-28904

Опубликовано: 25 мар. 2025

Источник: nvd

CVSS3: 9.3

EPSS Низкий

Описание

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shamalli Web Directory Free allows Blind SQL Injection. This issue affects Web Directory Free: from n/a through 1.7.6.

Ссылки

https://patchstack.com/database/wordpress/plugin/web-directory-free/vulnerability/wordpress-web-directory-free-plugin-1-7-6-sql-injection-vulnerability?_s_id=cve

EPSS

Процентиль: 19%

0.00061

Низкий

9.3 Critical

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-xxp6-fq36-p8jx

CVSS3: 9.3

github

5 месяцев назад

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shamalli Web Directory Free allows Blind SQL Injection. This issue affects Web Directory Free: from n/a through 1.7.6.

EPSS

Процентиль: 19%

0.00061

Низкий

9.3 Critical

CVSS3

Дефекты

CWE-89