- Description
- Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPFactory Advanced WooCommerce Product Sales Reporting allows SQL Injection. This issue affects Advanced WooCommerce Product Sales Reporting: from n/a through 3.1.
- Source
- audit@patchstack.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 9.3
- Impact score
- 4.7
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
- Severity
- CRITICAL
- audit@patchstack.com
- CWE-89
- Hype score
- Not currently trending
Critical SQL injection flaw (CVE-2025-31553) found in Advanced WooCommerce Product Sales Reporting plugin (v3.1 and below). Attackers can execute arbitrary SQL commands - update immediately or disable the plugin. Details: https://t.co/qrz5eH3eM9
@RedTeamNewsBlog
2 Apr 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-31553: CRITICAL] Vulnerability in WPFactory Advanced WooCommerce Product Sales Reporting allows SQL Injection, affecting versions from n/a to 3.1. Cyber security alert!#cybersecurity,#vulnerability https://t.co/cHMAXacAWX https://t.co/zF4S49OB45
@CveFindCom
1 Apr 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes