CVE-2025-25150 Information

Description

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Stylemix uListing allows Blind SQL Injection. This issue affects uListing: from n/a through 2.1.6.

Reference

https://patchstack.com/database/wordpress/plugin/ulisting/vulnerability/wordpress-songkick-concerts-and-festivals-plugin-0-9-7-cross-site-request-forgery-csrf-vulnerability-2?_s_id=cve

Related CNNVD

CNNVD-202510-3215 (Published: 2025-10-23)