CVE-2025-13090 | WP Directory Kit Plugin up to 1.4.6 on WordPress Search sql injection

Inserito da Angelo Barbosa | Dic 1, 2025 | CVE

A vulnerability classified as critical has been found in WP Directory Kit Plugin up to 1.4.6 on WordPress. The affected element is an unknown function. This manipulation of the argument Search causes sql injection.

This vulnerability is registered as CVE-2025-13090. Remote exploitation of the attack is possible. No exploit is available.

CVE-2025-13090 | WP Directory Kit Plugin up to 1.4.6 on WordPress Search sql injection

Post correlati

CVE-2023-36629 | ST ST54-android-packages-apps-Nfc prior 130-20230215-23W07p0 on Android out-of-bounds

CVE-2023-6711 | Hitachi Energy RTU500 up to 13.5.1 Messages input validation

CVE-2024-1917 | Mitsubishi Electric MELSEC-Q/MELSEC-L Packet integer overflow (icsa-24-074-14)

CVE-2023-52542 | Huawei HarmonyOS/EMUI System Module permission