CVE-2025-4840 in inprosysmedia-likes-dislikes-post Plugin信息

摘要

由 VulDB • 2026-06-21

WordPress插件inprosysmedia-likes-dislikes-post在1.0.0版本及之前,未在使用AJAX操作(该操作对未经身份验证的用户可用)将参数用于SQL语句前对其进行适当的清理和转义,从而导致SQL注入漏洞。

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

来源

Interested in the pricing of exploits?

See the underground prices here!