exploitDog

CVE-2025-9587

Опубликовано: 02 окт. 2025

Источник: nvd

CVSS3: 8.6

EPSS Низкий

Описание

The CTL Behance Importer Lite WordPress plugin through 1.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.

Ссылки

https://wpscan.com/vulnerability/e497f8b3-d70b-4d81-b915-e78ea5c02863/

EPSS

Процентиль: 31%

0.00116

Низкий

8.6 High

CVSS3

Дефекты

Связанные уязвимости

GHSA-5jrr-m9xv-j8qr

CVSS3: 6.5

github

4 месяца назад

The CTL Behance Importer Lite WordPress plugin through 1.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.

EPSS

Процентиль: 31%

0.00116

Низкий

8.6 High

CVSS3

Дефекты