TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2025-22799

HIGH
8.5

Beschreibung

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Vertim Coders Neon Product Designer allows SQL Injection.This issue affects Neon Product Designer: from n/a through 2.1.1.

CVE Details

CVSS v3.1 Bewertung8.5
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht1/15/2025
Zuletzt geandert1/15/2025
Quellenvd
Honeypot-Sichtungen0

Schwachen (CWE)

CWE-89

Referenzen

https://patchstack.com/database/wordpress/plugin/neon-product-designer-for-woocommerce/vulnerability/wordpress-neon-product-designer-plugin-2-1-1-sql-injection-vulnerability?_s_id=cve(audit@patchstack.com)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.