WordPress Events Manager <= 7.0.3 - SQL Injection CVE-2025-6970
- Severity
- Vulnerability description
- Not available
- Risk description
- Not available
- Recommendation
- Not available
- References
- https://wpscan.com/vulnerability/CVE-2025-6970https://patchstack.com/database/vulnerability/events-manager/wordpress-events-manager-calendar-bookings-tickets-and-more-plugin-7-0-3-unauthenticated-sql-injection-via-orderby-parameterhttps://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/events-manager/events-manager-703-unauthenticated-sql-injection-via-orderby-parameterhttps://nvd.nist.gov/vuln/detail/CVE-2025-6970
- Codename
- Not available
- Detectable with
- Network Scanner
- Scan engine
- Nuclei
- Cisa Kev
- No
- Exploitable with Sniper
- No
- CVE Published
- Not available
- Detection added at
- Software Type
- Not available
- Vendor
- Not available
- Product
- Not available
Detect & validate this vulnerability
Go beyond surface scans. Get real validation with proprietary tools designed to prove what’s exploitable in your environment.