CVE-2025-22540

Name of the Vulnerable Software and Affected Versions Sebastian Orellana Emailing Subscription versions n/a through 1.4.1

Description The issue is related to the improper neutralization of special elements used in an SQL command, allowing for Blind SQL Injection. This can put user data at risk.

Recommendations For versions n/a through 1.4.1, update to a version later than 1.4.1 to resolve the issue. As a temporary workaround, consider restricting access to sensitive data and SQL commands to minimize the risk of exploitation.