CVE-2025-28939

HIGH Year: 2025
CVSS v3 Score
8.5
High
Weakness Type
CWE-89
View all →

Vulnerability Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound WP Google Calendar Manager allows Blind SQL Injection. This issue affects WP Google Calendar Manager: from n/a through 2.1.

Related Vulnerabilities

CVE-2019-9918

HIGH
CVSS:8.5(High)

An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Input does not get validated and queries are not written in a way to prevent SQL injection. Therefore arbitrary SQL-Stat...

CWE-892019

CVE-2023-39309

HIGH
CVSS:8.5(High)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1.

CWE-892023

CVE-2024-30239

HIGH
CVSS:8.5(High)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Zoho Campaigns.This issue affects Zoho Campaigns: from n/a through 2.0.6.

CWE-892024

CVE-2024-30240

HIGH
CVSS:8.5(High)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Typps Calendarista.This issue affects Calendarista: from n/a through 15.5.7.

CWE-892024

CVE-2024-30242

HIGH
CVSS:8.5(High)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in IT Path Solutions Contact Form to Any API.This issue affects Contact Form to Any API: from n/a thr...

CWE-892024

CVE-2024-30243

HIGH
CVSS:8.5(High)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tomas WordPress Tooltips.This issue affects WordPress Tooltips: from n/a before 9.4.5.

CWE-892024