VYPR
Unrated severityNVD Advisory· Published Dec 2, 2025· Updated Apr 2, 2026

Donation <= 1.0 - Admin+ SQLi

CVE-2025-13001

Description

The donation WordPress plugin through 1.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing high privilege users, such as admin to perform SQL injection attacks

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.

CVE-2025-13001 · VYPR