CVE-2025-5287 – WordPress Likes and Dislikes Plugin SQL Injection

May 28, 2025

CVE ID : CVE-2025-5287

Published : May 28, 2025, 9:15 a.m. | 2 hours, 20 minutes ago

Description : The Likes and Dislikes Plugin plugin for WordPress is vulnerable to SQL Injection via the ‘post’ parameter in all versions up to, and including, 1.0.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-1753 – LLama-Index OS Command Injection Vulnerability

Next Article SkyEmu is a Game Boy Advance, Game Boy, Game Boy Color, and DS emulator

The state of DevOps and AI: Not just hype

A Breeze Of Inspiration In September (2025 Wallpapers Edition)

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Look out, Meta Ray-Bans! These AI glasses just raised over $1M in pre-orders in 3 days

Samsung ‘Galaxy Glasses’ powered by Android XR are reportedly on track to be unveiled this month

The M4 iPad Pro is discounted $100 as a last-minute Labor Day deal

Distribution Release: Linux From Scratch 12.4

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

August report 2025

Fake News Detection using Python Machine Learning (ML)

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Download Transcribe! for Windows

Microsoft Fixes CertificateServicesClient (CertEnroll) Error in Windows 11

CVE-2025-5287 – WordPress Likes and Dislikes Plugin SQL Injection

Hacker suspected of trying to cheat his way into university is arrested in Spain

ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics

Xbox confirms it has “no minimum order quantity” or print limits for physical games — but there are other considerations

Maximizing ROI: How AI Consulting Transforms Raw Data into Business Growth📈

Firefox’s new Tab Groups might be the solution to your biggest browser problem

CVE-2025-32819 – SonicWall SMA SSLVPN File Deletion Vulnerability

This new YouTube Shorts feature lets you circle to search videos more easily

Elgato Facecam 4K is on the horizon with 4K60 video and 49mm Lens filter support — It’s the direct successor to one of our favorite webcams

Mercury foundation models from Inception Labs are now available in Amazon Bedrock Marketplace and Amazon SageMaker JumpStart

CVE-2025-4950 – CVE-2018-3639: Apache Struts Remote Code Execution Vulnerability

CVE-2025-5287 – WordPress Likes and Dislikes Plugin SQL Injection

Related Posts