exploitDog

CVE-2025-28904

Опубликовано: 25 мар. 2025

Источник: nvd

CVSS3: 9.3

EPSS Низкий

Описание

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shamalli Web Directory Free allows Blind SQL Injection. This issue affects Web Directory Free: from n/a through 1.7.6.

Ссылки

https://patchstack.com/database/wordpress/plugin/web-directory-free/vulnerability/wordpress-web-directory-free-plugin-1-7-6-sql-injection-vulnerability?_s_id=cve

EPSS

Процентиль: 28%

0.00099

Низкий

9.3 Critical

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-xxp6-fq36-p8jx

CVSS3: 9.3

github

11 месяцев назад

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shamalli Web Directory Free allows Blind SQL Injection. This issue affects Web Directory Free: from n/a through 1.7.6.

EPSS

Процентиль: 28%

0.00099

Низкий

9.3 Critical

CVSS3

Дефекты

CWE-89