Tag: CVE-2025-12197

All the articles with the tag "CVE-2025-12197".

• [CVE-2025-12197] The Events Calendar WordPress Plugin Blind SQL Injection Exposes Site Databases

  5 Nov, 2025

  Unauthenticated SQL injection in a widely installed WordPress events plugin lets attackers exfiltrate data through crafted search requests. Updating to version 6.15.10 closes the hole.