cleantalk
Vulnerabilities and Security Researches

Breezing Forms, 114527bd38301527b5be9d3f7759600c1f0e641d

CVE, Research URL

114527bd38301527b5be9d3f7759600c1f0e641d

Home page URL

Security reports for Breezing Forms

Application

Breezing Forms

Published on
Dec 02, 2015
Research Description
Breezing Forms [breezing-forms] < 1.2.7.31 Breezing Forms <= 1.2.7.30 - SQL Injection The Breezing Forms plugin for WordPress is vulnerable to generic SQL Injection via the ‘page’ parameter in versions up to, and including, 1.2.7.30 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Affected versions
Min -, max 1.2.7.31.
Status
vulnerable
Previous vulnerability researches
Breezing Forms (CVE-2025-30520) , Apr 02, 2025
Breezing Forms (114527bd38301527b5be9d3f7759600c1f0e641d) , Jun 06, 2024
New vulnerability
Radio Station by netmix® &#8211; Manage and play your Show Schedule in WordPress! (CVE-2025-53568) , Jul 05, 2025
RD Contacto (CVE-2025-5933) , Jul 05, 2025
AiBud WP &#8211; ChatGPT, OpenAI, Content &amp; Image Generator WordPress plugin (CVE-2025-23968) , Jul 05, 2025
WP Permalink Translator (CVE-2025-53274) , Jul 05, 2025
Soumettre.fr (CVE-2025-4654) , Jul 05, 2025