CVE-2025-49263 Information

Description

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in WCVendors WC Vendors Marketplace allows Blind SQL Injection. This issue affects WC Vendors Marketplace: from n/a through 2.5.6.

Reference

https://patchstack.com/database/wordpress/plugin/wc-vendors/vulnerability/wordpress-wc-vendors-marketplace-2-5-6-sql-injection-vulnerability?_s_id=cve