CVE-2025-7662

Name of the Vulnerable Software and Affected Versions: Gestion de tarifs plugin for WordPress versions prior to 1.5

Description: The Gestion de tarifs plugin for WordPress is vulnerable to SQL Injection via the tarif and intitule shortcodes due to insufficient escaping on user-supplied parameters and a lack of sufficient preparation of the existing SQL query. This allows authenticated attackers with Contributor-level access and above to append additional SQL queries to existing queries, potentially extracting sensitive information from the database.

Recommendations: Update the Gestion de tarifs plugin to version 1.5 or later.