CVE-2025-11980 | Quick Featured Images Plugin up to 13.7.3 on WordPress delete_orphaned sql injection

Inserito da Angelo Barbosa | Nov 8, 2025 | CVE

A vulnerability was found in Quick Featured Images Plugin up to 13.7.3 on WordPress. It has been rated as critical. This affects the function delete_orphaned. The manipulation leads to sql injection.

This vulnerability is referenced as CVE-2025-11980. Remote exploitation of the attack is possible. No exploit is available.

CVE-2025-11980 | Quick Featured Images Plugin up to 13.7.3 on WordPress delete_orphaned sql injection

Post correlati

CVE-2024-52461 | Kinsta WordPress Hosting Infinite Slider Plugin up to 2.0.1 on WordPress cross site scripting

CVE-2023-48912 | Dreamer CMS 4.1.3 /admin/archives/edit cross-site request forgery

CVE-2024-28826 | Checkmk up to 2.0.0p39/2.1.0p43/2.2.0p26/2.3.0p3 check_sftp file inclusion

CVE-2024-32967 | Zitadel up to 2.50.2 information disclosure