CVE-2025-48274

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-48274
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpjobportal WP Job Portal wp-job-portal allows Blind SQL Injection.This issue affects WP Job Portal: from n/a through <= 2.3.2.

9.3 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 4.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact LOW

Scope CHANGED

References
Link Resource
https://patchstack.com/database/Wordpress/Plugin/wp-job-portal/vulnerability/wordpress-wp-job-portal-2-3-2-sql-injection-vulnerability?_s_id=cve Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:wpjobportal:wp_job_portal:*:*:*:*:*:wordpress:*:*
History

23 Apr 2026, 15:31

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.5 		v2 : unknown
v3 : 9.3

01 Apr 2026, 17:24

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 9.3 		v2 : unknown
v3 : 7.5
References
  • {'url': 'https://patchstack.com/database/wordpress/plugin/wp-job-portal/vulnerability/wordpress-wp-job-portal-2-3-2-sql-injection-vulnerability?_s_id=cve', 'tags': ['Third Party Advisory'], 'source': 'audit@patchstack.com'}
  • () https://patchstack.com/database/Wordpress/Plugin/wp-job-portal/vulnerability/wordpress-wp-job-portal-2-3-2-sql-injection-vulnerability?_s_id=cve - Third Party Advisory
Summary (en) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpjobportal WP Job Portal allows Blind SQL Injection. This issue affects WP Job Portal: from n/a through 2.3.2. (en) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpjobportal WP Job Portal wp-job-portal allows Blind SQL Injection.This issue affects WP Job Portal: from n/a through <= 2.3.2.

08 Jul 2025, 13:12

Type Values Removed Values Added
CPE cpe:2.3:a:wpjobportal:wp_job_portal:*:*:*:*:*:wordpress:*:*
First Time Wpjobportal
Wpjobportal wp Job Portal
Summary
  • (es) Vulnerabilidad de neutralización incorrecta de elementos especiales utilizados en un comando SQL ('Inyección SQL') en wpjobportal WP Job Portal permite la inyección SQL ciega. Este problema afecta a WP Job Portal desde n/d hasta la versión 2.3.2.
References () https://patchstack.com/database/wordpress/plugin/wp-job-portal/vulnerability/wordpress-wp-job-portal-2-3-2-sql-injection-vulnerability?_s_id=cve - () https://patchstack.com/database/wordpress/plugin/wp-job-portal/vulnerability/wordpress-wp-job-portal-2-3-2-sql-injection-vulnerability?_s_id=cve - Third Party Advisory

17 Jun 2025, 15:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-06-17 15:15

Updated : 2026-04-23 15:31

NVD link : CVE-2025-48274

Mitre link : CVE-2025-48274

CVE.ORG link : CVE-2025-48274

JSON object : View

Products Affected

wpjobportal

  • wp_job_portal
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')