CVE-2025-6970 | Events Manager Plugin up to 7.0.3 on WordPress orderby sql injection

Inserito da Angelo Barbosa | Lug 9, 2025 | CVE

A vulnerability was found in Events Manager Plugin up to 7.0.3 on WordPress. It has been classified as critical. Affected is an unknown function. The manipulation of the argument orderby leads to sql injection.

This vulnerability is traded as CVE-2025-6970. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-6970 | Events Manager Plugin up to 7.0.3 on WordPress orderby sql injection

Post correlati

CVE-2021-47157 | Kossy up to 0.59 on Perl JSON X-Requested-With Privilege Escalation

CVE-2024-9784 | D-Link DIR-619L B1 2.06 formResetStatistic curTime buffer overflow

CVE-2025-25478 | SysPass 3.2.x Filename unrestricted upload

CVE-2025-0751 | Axiomatic Bento4 up to 1.6.0 mp42aac AP4_BitReader::ReadBits heap-based overflow