cleantalk
Vulnerabilities and Security Researches

Pods – Custom Content Types and Fields, CVE-2025-1446

CVE, Research URL

CVE-2025-1446

Home page URL

Security reports for Pods – Custom Content Types and Fields

Application

Pods – Custom Content Types and Fields

Published on
Mar 23, 2025
Research Description
The Pods WordPress plugin before 3.2.8.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks
Affected versions
Min -, max 3.2.8.2.
Status
vulnerable
Previous vulnerability researches
Insert PHP Code Snippet (CVE-2024-43275) , May 07, 2025
Insert PHP Code Snippet (CVE-2024-7420) , Aug 16, 2024
Insert PHP Code Snippet (CVE-2024-0658) , Jun 06, 2024
New vulnerability
SMS Alert Order Notifications – WooCommerce (CVE-2025-3876) , May 11, 2025
SMS Alert Order Notifications – WooCommerce (CVE-2025-3878) , May 11, 2025
WordPress Review Plugin: The Ultimate Solution for Building a Review Website (CVE-2025-2158) , May 11, 2025
Drag and Drop Multiple File Upload for WooCommerce (CVE-2025-4403) , May 11, 2025
Contact Us By Lord Linus (CVE-2025-1382) , May 11, 2025