CVE-2025-12483

Name of the Vulnerable Software and Affected Versions The Visualizer: Tables and Charts Manager for WordPress plugin versions prior to 3.11.13

Description The software is susceptible to SQL Injection through the query parameter. Insufficient escaping of user-supplied input and inadequate SQL query preparation allow authenticated attackers with Contributor-level access or higher to inject additional SQL queries into existing ones. This can lead to the extraction of sensitive information from the database. Version 3.11.13 raises the minimum user-level required for exploitation to administrator.

Recommendations Update to version 3.11.13 or later.