CVE-2025-2248

The WP-PManager WordPress plugin through 1.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:mantus667:wp-pmanager:*:*:*:*:*:wordpress:*:*

History

04 Jun 2025, 20:03

Type Values Removed Values Added
New CVE

Information

Published : 2025-05-15 20:16

Updated : 2025-06-04 20:03


NVD link : CVE-2025-2248

Mitre link : CVE-2025-2248

CVE.ORG link : CVE-2025-2248


JSON object : View

Products Affected

mantus667

  • wp-pmanager
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')