HIGH SeverityCVSS 3.17.6CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L

CVE-2025-68060

Last updated May 07, 2026 · Published May 07, 2026

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPMart Team Member allows Blind SQL Injection. This issue affects Team Member: from n/a through 8.5.

Affected products

1 listed

WPMart:Team Member

Mappings

CWE

CWE-89

CAPEC

CAPEC-7

Research

SQL InjectionCovers how unsafe query construction enables data theft and database compromise. Provides parameterization and…

Guides

SQL Injection Prevention with PrismaSafe patterns for raw queries and dynamic filters.

Training

Injection TodaySQL, NoSQL, ORM, and LLM injection - what's changed and what hasn't.

CVE-2025-68060

Description

Affected products

Mappings

Related