CVE ID :CVE-2018-25346 Published : May 23, 2026, 6:30 p.m. | 1 hour, 50 minutes ago Description :WordPress Form Maker Plugin 1.12.24 and below contains SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries by injecting SQL code through the FormMakerSQLMapping and generete_csv actions. Attackers can submit POST requests with malicious SQL payloads in the name and search_labels parameters to extract, modify, or escalate privileges within the WordPress database. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...