cleantalk
Vulnerabilities and Security Researches

Pods – Custom Content Types and Fields, CVE-2025-1446

CVE, Research URL

CVE-2025-1446

Home page URL

Security reports for Pods – Custom Content Types and Fields

Application

Pods – Custom Content Types and Fields

Published on
Mar 23, 2025
Research Description
The Pods WordPress plugin before 3.2.8.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks
Affected versions
Min -, max 3.2.8.2.
Status
vulnerable
Previous vulnerability researches
Theme File Duplicator (CVE-2025-27283) , Feb 27, 2025
Theme File Duplicator (CVE-2025-27282) , Mar 05, 2025
New vulnerability
SMS Alert Order Notifications – WooCommerce (CVE-2025-3876) , May 11, 2025
SMS Alert Order Notifications – WooCommerce (CVE-2025-3878) , May 11, 2025
WordPress Review Plugin: The Ultimate Solution for Building a Review Website (CVE-2025-2158) , May 11, 2025
Drag and Drop Multiple File Upload for WooCommerce (CVE-2025-4403) , May 11, 2025
Contact Us By Lord Linus (CVE-2025-1382) , May 11, 2025