exploitDog

CVE-2025-54048

Опубликовано: 20 авг. 2025

Источник: nvd

CVSS3: 9.3

EPSS Низкий

Описание

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in miniOrange Custom API for WP allows SQL Injection. This issue affects Custom API for WP: from n/a through 4.2.2.

Ссылки

https://patchstack.com/database/wordpress/plugin/custom-api-for-wp/vulnerability/wordpress-custom-api-for-wp-4-2-2-sql-injection-vulnerability?_s_id=cve

EPSS

Процентиль: 10%

0.00035

Низкий

9.3 Critical

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-wmwp-pv69-5487

CVSS3: 9.3

github

6 месяцев назад

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in miniOrange Custom API for WP allows SQL Injection. This issue affects Custom API for WP: from n/a through 4.2.2.

EPSS

Процентиль: 10%

0.00035

Низкий

9.3 Critical

CVSS3

Дефекты

CWE-89