Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-28939

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound WP Google Calendar Manager allows Blind SQL Injection. This issue affects WP Google Calendar Manager: from n/a through 2.1.

Published

2025-03-26T15:16:17.923

Last Modified

2025-03-27T16:45:27.850

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 8.5 (HIGH)

Weaknesses

Type: Secondary
CWE-89

Affected Vendors & Products

References

https://patchstack.com/database/wordpress/plugin/wp-gcalendar/vulnerability/wordpress-wp-google-calendar-manager-plugin-2-1-sql-injection-vulnerability?_s_id=cve ([email protected])