Skip to main content

Team Member

1 CVEs product

Monthly

CVE-2025-68060 HIGH This Week

SQL injection in Team Member WordPress plugin versions up to 8.5 allows authenticated administrators to extract database contents via blind SQL injection. Reported by Patchstack, this vulnerability requires high-level privileges (PR:H) but enables cross-scope confidentiality breach (S:C), allowing attackers to read sensitive data beyond their normal authorization boundaries. EPSS data and KEV status not provided; no public exploit code confirmed at time of analysis.

SQLi Team Member
NVD
CVSS 3.1
7.6
EPSS
0.0%
EPSS 0% CVSS 7.6
HIGH This Week

SQL injection in Team Member WordPress plugin versions up to 8.5 allows authenticated administrators to extract database contents via blind SQL injection. Reported by Patchstack, this vulnerability requires high-level privileges (PR:H) but enables cross-scope confidentiality breach (S:C), allowing attackers to read sensitive data beyond their normal authorization boundaries. EPSS data and KEV status not provided; no public exploit code confirmed at time of analysis.

SQLi Team Member
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy