Security News

Cybersecurity news aggregator

🔓
MEDIUM Vulnerabilities NIST NVD

CVE-2025-14973: The Recipe Card Blocks Lite WordPress plugin before 3.4.13 does not sanitize and escape a parameter ...

cve-2025-14973recipe-card-blocks-litewordpress-pluginsql-injectionmitre-ta0001
The Recipe Card Blocks Lite WordPress plugin before version 3.4.13 is vulnerable to SQL injection. The plugin does not properly sanitize a parameter before using it in a SQL statement, allowing authenticated users with contributor privileges or higher to potentially execute arbitrary SQL commands.
Read Full Article →

The Recipe Card Blocks Lite WordPress plugin before 3.4.13 does not sanitize and escape a parameter before using it in a SQL statement, allowing contributors and above to perform SQL injection attacks.

Related Articles

HIGH 400,000 WordPress Sites Affected by Unauthenticated SQL Injection Vulnerability in Ally WordPress Plugin Wordfence HIGH SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites BleepingComputer HIGH Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks SecurityWeek MEDIUM Wordfence Intelligence Weekly WordPress Vulnerability Report (January 26, 2026 to February 1, 2026) Wordfence
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn