CVE-2025-0853 – WordPress PGS Core Plugin SQL Injection Vulnerability

May 6, 2025

CVE ID : CVE-2025-0853

Published : May 6, 2025, 10:15 p.m. | 1 hour, 42 minutes ago

Description : The PGS Core plugin for WordPress is vulnerable to SQL Injection via the ‘event’ parameter in the ‘save_header_builder’ function in all versions up to, and including, 5.8.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-47420 – Crestron Automate VX Privilege Escalation Vulnerability

Next Article CVE-2025-47419 – Crestron Automate VX Insecure Communication Vulnerability

The Power Of The Intl API: A Definitive Guide To Browser-Native Internationalization

This week in AI dev tools: GPT-5, Claude Opus 4.1, and more (August 8, 2025)

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

3 portable power stations I travel everywhere with (and how they differ)

I tried Lenovo’s new rollable ThinkBook and can’t go back to regular-sized screens

The Creators of the Acclaimed Silent Hill 2 Remake Present a Deep Dive Into the Story of Their Newest Horror Game IP — and It’s So Bizarre and Insane That It’s Convinced Me To Put It on My Wishlist

Forget Back to School Deals — Lenovo’s Clearance Sale is Where You’ll Find Amazing Discounts on Laptops, Mini PCs, and More, While Supplies Last

spatie/laravel-flare

spatie/laravel-flare

Establishing Consistent Data Foundations with Laravel’s Database Population System

Generate Postman Collections from Laravel Routes

The Creators of the Acclaimed Silent Hill 2 Remake Present a Deep Dive Into the Story of Their Newest Horror Game IP — and It’s So Bizarre and Insane That It’s Convinced Me To Put It on My Wishlist

The Creators of the Acclaimed Silent Hill 2 Remake Present a Deep Dive Into the Story of Their Newest Horror Game IP — and It’s So Bizarre and Insane That It’s Convinced Me To Put It on My Wishlist

Forget Back to School Deals — Lenovo’s Clearance Sale is Where You’ll Find Amazing Discounts on Laptops, Mini PCs, and More, While Supplies Last

The Gaming Desktop I’ve Relied on More Than Any Other Is More Powerful and Sleeker Than Ever — But Damn, It’s Expensive

CVE-2025-0853 – WordPress PGS Core Plugin SQL Injection Vulnerability

Android adware: What is it, and how do I get it off my device?

Black Hat USA 2025: Is a high cyber insurance premium about your risk, or your insurer’s?

CVE-2025-7614 – TOTOLINK T6 Command Injection Vulnerability

CVE-2025-5926 – WordPress Link Shield CSRF

Build real-time travel recommendations using AI agents on Amazon Bedrock

CVE-2025-4811 – CodeAstro Pharmacy Management System SQL Injection Vulnerability

Blockchain-Powered Digital Twins: Driving Efficiency & Innovation in Operations

pxlrbt/filament-activity-log

Community News: Latest PEAR Releases (03.10.2025)

CVE-2025-34069 – Kerio Control Authentication Bypass through Insecure Proxy Configuration

CVE-2025-0853 – WordPress PGS Core Plugin SQL Injection Vulnerability

Related Posts