WordPress WooCommerce Point Of Sale (POS)

8.5 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in infosoftplugin WooCommerce Point Of Sale (POS) allows SQL Injection. This issue affects WooCommerce Point Of Sale (POS): from n/a through 1.4.

Basic Information

ID CVE-2025-52820

Source Patchstack

Published Aug 14, 2025 at 10:33

Affected Product

Vendor infosoftplugin

Product WooCommerce Point Of Sale (POS)

Version n/a

Affected Versions infosoftplugin WooCommerce Point Of Sale (POS) n/a

CWE Classification

CWE-89

References

patchstack.com /database/wordpress/plugin/woo-point-of-salepos/vulnerability/wordpress-woocommerce-point-of-sale-pos-1-4-sql-injection-vulnerability

{
    "lastseen": "",
    "description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in infosoftplugin WooCommerce Point Of Sale (POS) allows SQL Injection. This issue affects WooCommerce Point Of Sale (POS): from n/a through 1.4.",
    "published": "2025-08-14T10:33:56.543Z",
    "modified": "2025-08-14T10:33:56.543Z",
    "type": "cve",
    "title": "WordPress WooCommerce Point Of Sale (POS) <= 1.4 - SQL Injection Vulnerability",
    "source": "Patchstack",
    "references": "https://patchstack.com/database/wordpress/plugin/woo-point-of-salepos/vulnerability/wordpress-woocommerce-point-of-sale-pos-1-4-sql-injection-vulnerability?_s_id=cve",
    "id": "CVE-2025-52820",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89"
    ],
    "cvelist": null,
    "sourceData": "infosoftplugin WooCommerce Point Of Sale (POS) n/a",
    "sourceHref": "",
    "cvss": {
        "score": 8.5,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "WooCommerce Point Of Sale (POS)",
    "version": "n/a",
    "vendor": "infosoftplugin",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

WordPress WooCommerce Point Of Sale (POS) <= 1.4 - SQL Injection Vulnerability_CVE-2025-52820