CVE-2025-10144 | quadlayers Perfect Brands for WooCommerce Plugin up to 3.6.2 on WordPress Shortcode products brands sql injection

Inserito da Angelo Barbosa | Nov 24, 2025 | CVE

A vulnerability classified as critical was found in quadlayers Perfect Brands for WooCommerce Plugin up to 3.6.2 on WordPress. This affects the function Products of the component Shortcode Handler. Such manipulation of the argument brands leads to sql injection.

This vulnerability is listed as CVE-2025-10144. The attack may be performed from remote. There is no available exploit.

CVE-2025-10144 | quadlayers Perfect Brands for WooCommerce Plugin up to 3.6.2 on WordPress Shortcode products brands sql injection

Post correlati

CVE-2025-5838 | PHPGurukul Employee Record Management System 1.3 /admin/adminprofile.php AdminName sql injection

CVE-2025-60967 | EndRun Sonoma D12 Network Time Server 6010-0071-000 Ver 4.00 cross site scripting

CVE-2024-12422 | xylus Import Eventbrite Events Plugin up to 1.7.4 on WordPress page cross site scripting

CVE-2025-25111 | WP Spell Check Plugin up to 9.21 on WordPress cross-site request forgery