Critical
CVSS 9.3
Overview
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThimPress WP Pipes allows SQL Injection. This issue affects WP Pipes: from n/a through 1.4.3.
CVE-2025-28982
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti...
Risk analysis
This vulnerability is rated 🔴 CRITICAL.
- CVSS: 9.3 (CRITICAL)
- Detected tags: sql (tag impact: MODERATE)
Recommended actions:
- Use parameterized queries/ORM (avoid string concatenation).
- Add WAF rules and input validation.