WordPress · Recipe Card Blocks Lite · CVE-2025-14973
**Name of the Vulnerable Software and Affected Versions**
Recipe Card Blocks Lite WordPress plugin versions prior to 3.4.13
**Description**
The Recipe Card Blocks Lite WordPress plugin does not properly sanitize and escape a parameter before using it in a SQL statement. This allows users with contributor privileges or higher to potentially execute SQL injection attacks. The `parameter` used in the SQL statement is not properly handled, creating a risk for malicious code execution.
**Recommendations**
Update the Recipe Card Blocks Lite WordPress plugin to version 3.4.13 or later.