PT-2025-40322 · WordPress · Ctl Behance Importer Lite
Khaled Alenazi
·
Published
2025-10-02
·
Updated
2025-10-02
·
CVE-2025-9587
CVSS v3.1
8.6
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
CTL Behance Importer Lite WordPress plugin versions through 1.0
Description
The software does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action. This allows for SQL injection, and the issue is accessible to unauthenticated users.
Recommendations
Update CTL Behance Importer Lite WordPress plugin to a version later than 1.0.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Ctl Behance Importer Lite