CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-13001

The donation WordPress plugin through 1.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing high privilege users, such as admin to perform SQL injection attacks

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 8.2%

CVSS Severity

CVSS v3 Score 4.1

References

https://wpscan.com/vulnerability/4e7a8154-46bf-44c9-ad9a-273e99ae2104/

Products affected by CVE-2025-13001

Kieranoshea » Donations » Version: Any

cpe:2.3:a:kieranoshea:donations:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-13001

Products

Pricing

Contact Us