Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

链接： https://github.com/advisories/GHSA-pvpp-hvr3-xjwf

CVSS 评分： 9.3

参考链接：

https://nvd.nist.gov/vuln/detail/CVE-2025-52831
https://patchstack.com/database/wordpress/plugin/video-list-manager/vulnerability/wordpress-video-list-manager-1-7-sql-injection-vulnerability?_s_id=cve
https://github.com/advisories/GHSA-pvpp-hvr3-xjwf

描述：

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in thanhtungtnt Video List Manager allows SQL Injection. This issue affects Video List Manager: from n/a through 1.7.

安全公告

#Github Advisory

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

http://example.com/2025/07/04/github_1884540616/

作者

lianccc

发布于

2025年7月4日

许可协议

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') 上一篇

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') 下一篇