PT-2026-4726 · WordPress · Recipe Card Blocks Lite
Purachai Phonwisut
·
Publicado
2026-01-26
·
Atualizado
2026-01-26
·
CVE-2025-14973
CVSS v3.1
6.8
Média
| Vetor | AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Recipe Card Blocks Lite WordPress plugin versions prior to 3.4.13
Description
The Recipe Card Blocks Lite WordPress plugin does not properly sanitize and escape a parameter before using it in a SQL statement. This allows users with contributor privileges or higher to potentially execute SQL injection attacks. The
parameter used in the SQL statement is not properly handled, creating a risk for malicious code execution.Recommendations
Update the Recipe Card Blocks Lite WordPress plugin to version 3.4.13 or later.
Exploit
Correção
SQL injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Recipe Card Blocks Lite