CVE-2025-28972 Information

Jun 18, 2025 cve

Description

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Suhas Surse WP Employee Attendance System allows Blind SQL Injection. This issue affects WP Employee Attendance System: from n/a through 3.5.

Reference

https://patchstack.com/database/wordpress/plugin/wp-employee-attendance-system/vulnerability/wordpress-wp-employee-attendance-system-3-5-sql-injection-vulnerability?_s_id=cve

CNNVD-202506-2005 (Published: 2025-06-17)

Share on:

CVE-2025-28972 Information

Description

Reference

Related CNNVD