CVE-2025-3107 | Newsletters Plugin up to 4.9.9.8 on WordPress orderby sql injection

Inserito da Angelo Barbosa | Mag 12, 2025 | CVE

A vulnerability was found in Newsletters Plugin up to 4.9.9.8 on WordPress. It has been declared as critical. This vulnerability affects unknown code. The manipulation of the argument orderby leads to sql injection.

This vulnerability was named CVE-2025-3107. The attack can be initiated remotely. There is no exploit available.

CVE-2025-3107 | Newsletters Plugin up to 4.9.9.8 on WordPress orderby sql injection

Post correlati

CVE-2024-13542 | pagup WP Google Street View & Google maps and Local SEO Plugin Shortcode wpgsv cross site scripting

CVE-2023-7122 | Linux Kernel 6.6 iommufd Driver iommufd_test use after free

CVE-2024-5764 | Sonatype Nexus Repository up to 3.72.0 hard-coded credentials

CVE-2024-9132 | Arista Edge Threat Management up to 17.1.1 Captive Portal Script code injection