CVE-2025-23912

HIGH Year: 2025
CVSS v3 Score
8.5
High
Weakness Type
CWE-89
View all →

Vulnerability Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Typomedia Foundation WordPress Custom Sidebar allows Blind SQL Injection.This issue affects WordPress Custom Sidebar: from n/a through 2.3.

Related Vulnerabilities

CVE-2019-9918

HIGH
CVSS:8.5(High)

An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Input does not get validated and queries are not written in a way to prevent SQL injection. Therefore arbitrary SQL-Stat...

CWE-892019

CVE-2023-39309

HIGH
CVSS:8.5(High)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1.

CWE-892023

CVE-2024-30239

HIGH
CVSS:8.5(High)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Zoho Campaigns.This issue affects Zoho Campaigns: from n/a through 2.0.6.

CWE-892024

CVE-2024-30240

HIGH
CVSS:8.5(High)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Typps Calendarista.This issue affects Calendarista: from n/a through 15.5.7.

CWE-892024

CVE-2024-30242

HIGH
CVSS:8.5(High)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in IT Path Solutions Contact Form to Any API.This issue affects Contact Form to Any API: from n/a thr...

CWE-892024

CVE-2024-30243

HIGH
CVSS:8.5(High)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tomas WordPress Tooltips.This issue affects WordPress Tooltips: from n/a before 9.4.5.

CWE-892024