CYBERHAWK / CVE / CVE-2018-25434

CVE-2018-25434

WP AutoSuggest

HIGH CVSS 8.2 vibe

The flaw

SQL injection vulnerability allows unauthenticated attackers to execute arbitrary SQL queries through the wpas_keys parameter.

What to do

Update to version newer than 0.24 or sanitize wpas_keys parameter

▸ Scan my repo for CVE-2018-25434

References

NVD CISA KEV OSV GitHub Advisory MITRE News search
First seen 2026-06-05 · Tracked by PickBits CyberHawk · Weekly CVE digest
← All CVEs RSS Scheduled audits