CVE-2025-6970 | Events Manager Plugin up to 7.0.3 on WordPress orderby sql injection

Inserito da Angelo Barbosa | Lug 9, 2025 | CVE

A vulnerability was found in Events Manager Plugin up to 7.0.3 on WordPress. It has been classified as critical. Affected is an unknown function. The manipulation of the argument orderby leads to sql injection.

This vulnerability is traded as CVE-2025-6970. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-6970 | Events Manager Plugin up to 7.0.3 on WordPress orderby sql injection

Post correlati

CVE-2024-13431 | croixhaug Appointment Booking Calendar Plugin up to 1.6.8.3 on WordPress accent_color/background parameter cross site scripting

CVE-2024-8449 | PLANET Technology GS-4210-24P2S Hardware 3.0 Serial Console hard-coded credentials

CVE-2025-27323 | Jon Bishop WP About Author Plugin up to 1.5 on WordPress cross site scripting

CVE-2023-48985 | CUSG Content Management System up to 7.74 login.php cross site scripting