CVE-2025-13385 | Bookme Plugin up to 4.2 on WordPress filter[status] sql injection

November 25, 2025 Yanac

A vulnerability has been found in Bookme Plugin up to 4.2 on WordPress and classified as critical. This issue affects some unknown processing. This manipulation of the argument filter[status] causes sql injection.

The identification of this vulnerability is CVE-2025-13385. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More

CVE-2025-13414 | Morgan Kay Chamber Dashboard Business Directory Plugin up to 3.3.11 on WordPress cdash_watch_for_export authorization
CVE-2025-13370 | ProjectList Plugin up to 0.3.0 on WordPress ID sql injection