CVE-2025-48118 – WpExperts Hub Woocommerce Partial Shipment SQL Injection

June 17, 2025

CVE ID : CVE-2025-48118

Published : June 17, 2025, 3:15 p.m. | 2 hours, 59 minutes ago

Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in WpExperts Hub Woocommerce Partial Shipment allows SQL Injection. This issue affects Woocommerce Partial Shipment: from n/a through 3.2.

Severity: 8.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48274 – WordPress Job Portal SQL Injection

Next Article CVE-2025-47573 – Mojoomla School Management SQL Injection

Highlights

CVE-2025-3058 – Xelion Webchat WordPress Privilege Escalation Vulnerability

April 24, 2025

CVE ID : CVE-2025-3058

Published : April 24, 2025, 9:15 a.m. | 2 hours, 25 minutes ago

Description : The Xelion Webchat plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the xwc_save_settings() function in all versions up to, and including, 9.1.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Modernizing your approach to governance, risk and compliance

ScyllaDB X Cloud’s autoscaling capabilities meet the needs of unpredictable workloads in real time

Parasoft C/C++test 2025.1, Secure Code Warrior AI Security Rules, and more – Daily News Digest

What I Wish Someone Told Me When I Was Getting Into ARIA

Hades 2 gets another major update bringing new art, godly powers, and romance as Supergiant gets ready for the game’s full release

Sam Altman says OpenAI could need a “significant fraction” of the Earth’s power for future artificial intelligence computing

Microsoft’s Windows 95 testing phase was so intense that it crashed cash registers with over $10,000 worth of software

The biggest rival for Microsoft’s Xbox Ally is Valve’s Steam Deck, not Switch 2, so stop comparing the wrong gaming handhelds

Microsoft Copilot for Power Platform

Microsoft Copilot for Power Platform

Integrate Coveo Atomic CLI-Based Hosted Search Page into Adobe Experience Manager (AEM)

Mastering TypeScript: Your Ultimate Guide to Types, Inference & Compatibility

Hades 2 gets another major update bringing new art, godly powers, and romance as Supergiant gets ready for the game’s full release

Hades 2 gets another major update bringing new art, godly powers, and romance as Supergiant gets ready for the game’s full release

Sam Altman says OpenAI could need a “significant fraction” of the Earth’s power for future artificial intelligence computing

Microsoft’s Windows 95 testing phase was so intense that it crashed cash registers with over $10,000 worth of software

CVE-2025-48118 – WpExperts Hub Woocommerce Partial Shipment SQL Injection

CISA Flags CVE-2023-0386 as Actively Exploited Linux Kernel Privilege Escalation Threat

Linux-lek geeft aanvaller roottoegang: “organisaties moeten meteen patchen”

Pulumi IDP provides developers with faster access to self-service cloud infrastructure provisioning

Exploring institutions for global AI governance

Firefox Just Made Pinning Tabs a Whole Lot Easier

Streamline code conversion and testing from Microsoft SQL Server and Oracle to PostgreSQL with Amazon Bedrock

CVE-2025-3058 – Xelion Webchat WordPress Privilege Escalation Vulnerability

ast-grep performs structural search, lint and rewriting

Firefox Just Made Pinning Tabs a Whole Lot Easier

Exclusive Talk: Joey Conway of NVIDIA on Llama Nemotron Ultra and Open Source Models

CVE-2025-48118 – WpExperts Hub Woocommerce Partial Shipment SQL Injection

Related Posts