CVE-2025-28986 – Webaholicson Epicwin Plugin CSRF SQL Injection

June 6, 2025

CVE ID : CVE-2025-28986

Published : June 6, 2025, 1:15 p.m. | 1 hour, 59 minutes ago

Description : Cross-Site Request Forgery (CSRF) vulnerability in Webaholicson Epicwin Plugin allows SQL Injection. This issue affects Epicwin Plugin: from n/a through 1.5.

Severity: 8.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-49072 – AncoraThemes Mr. Murphy Object Injection Vulnerability

Next Article CVE-2025-47586 – StylemixThemes Motors – Events PHP RFI Vulnerability

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-28986 – Webaholicson Epicwin Plugin CSRF SQL Injection

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

Can an iPad replace a MacBook? I tested the M3 Air for weeks, and here’s my verdict

Cisco reveals its AI-ready data center strategy – boosted by its Nvidia partnership

CISA Warns of Critical Flaws in ControlID iDSecure Vehicle Control Software

CodeSOD: Back Up for a Moment

Site Update – An Apology and a Brighter Future

No-code data preparation for time series forecasting using Amazon SageMaker Canvas

CVE-2025-44866 – Tenda W20E Command Injection Vulnerability

CVE-2025-5473 – GIMP ICO File Parsing Integer Overflow Remote Code Execution Vulnerability

CVE-2025-28986 – Webaholicson Epicwin Plugin CSRF SQL Injection

Related Posts