CVE-2025-24672

High CVSS: 8.5

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in codepeople Form Builder CP cp-easy-form-builder allows SQL Injection.This issue affects Form Builder CP: from n/a through <= 1.2.41.

Vendor

Product

CWE

CWE-89

Yayın Tarihi

2025-01-24 18:15:40

Güncelleme

2026-04-23 15:25:15

Source Identifier

audit@patchstack.com

KEV Date Added

Kategoriler

CWE-89 HIGH 2025

Referanslar

https://patchstack.com/database/Wordpress/Plugin/cp-easy-form-builder/vulnerability/wordpress-form-builder-cp-plugin-1-2-41-sql-injection-vulnerability?_s_id=cve