CVE-2025-22505

Name of the Vulnerable Software and Affected Versions Nabaraj Chapagain NC Wishlist for Woocommerce versions 1.0.1 and below

Description The issue is related to an improper neutralization of special elements used in an SQL command, which allows SQL injection. This means that attackers can potentially execute malicious SQL commands.

Recommendations For versions 1.0.1 and below, update to a version that fixes this issue. As a temporary workaround, consider restricting access to sensitive database elements to minimize the risk of exploitation. Avoid using user-supplied input in SQL commands until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.