PT-2026-1272 · Unknown+1 · Infility Global+1
Published
2026-01-05
·
Updated
2026-01-05
·
CVE-2025-68865
CVSS v3.1
9.3
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Infility Global versions through 2.14.48
Description
Infility Global is susceptible to a SQL Injection issue due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. The vulnerability affects the application and potentially exposes WordPress databases with trivial exploitation vectors.
Recommendations
Update Infility Global to a version newer than 2.14.48.
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Infility Global
Wordpress