CVE-2025-28904 Information

Mar 27, 2025 cve

Description

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Shamalli Web Directory Free allows Blind SQL Injection. This issue affects Web Directory Free: from n/a through 1.7.6.

Reference

https://patchstack.com/database/wordpress/plugin/web-directory-free/vulnerability/wordpress-web-directory-free-plugin-1-7-6-sql-injection-vulnerability?_s_id=cve

Share on: