Vulnerabilities and security researches forplugin-organizer plugin-organizer

Jan 10, 2026

CVE, Research URL: CVE-2025-13417
Home page URL: Security reports for Plugin Organizer
Application: Plugin Organizer
Date: Dec 29, 2025
Research Description: The Plugin Organizer WordPress plugin before 10.2.4 does not sanitize and escape a parameter before using it in a SQL statement, allowing subscribers to perform SQL injection attacks.
Affected versions: max 10.2.4.
Status: vulnerable