cleantalk
Vulnerabilities and Security Researches

Easy Query – WP Query Builder, CVE-2025-32120

CVE, Research URL

CVE-2025-32120

Home page URL

Security reports for Easy Query – WP Query Builder

Application

Easy Query – WP Query Builder

Published on
Apr 04, 2025
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Erick Danzer Easy Query – WP Query Builder allows Blind SQL Injection. This issue affects Easy Query – WP Query Builder: from n/a through 2.0.4.
Affected versions
Min -, max 2.0.4.
Status
vulnerable
Previous vulnerability researches
Cart tracking for WooCommerce (d666481e974f21c6b520fbaf7e0c7d274c39fb4b) , Jun 07, 2024
Cart tracking for WooCommerce (CVE-2025-30791) , Mar 28, 2025
New vulnerability
Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links (CVE-2025-1264) , Apr 07, 2025
Advanced All in One Admin Search by WP Spotlight (CVE-2025-32261) , Apr 06, 2025
Free Booking Plugin for Hotels, Restaurant and Car Rental – eaSYNC (CVE-2025-32219) , Apr 06, 2025
Salon booking system (CVE-2025-32220) , Apr 06, 2025
1 Click WordPress Migration Plugin – 100% FREE for a limited time (CVE-2025-32257) , Apr 06, 2025