CVE-2025-23774 – WordPress WPDB to Sql plugin <= 1.2 - Sensitive Data Exposure vulnerability

https://notcve.org/view.php?id=CVE-2025-23774

16 Jan 2025 — Insertion of Sensitive Information Into Sent Data vulnerability in NotFound WPDB to Sql allows Retrieve Embedded Sensitive Data. This issue affects WPDB to Sql: from n/a through 1.2. The WPDB to Sql plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2. This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/wordpress/plugin/wpdb-to-sql/vulnerability/wordpress-wpdb-to-sql-plugin-1-2-sensitive-data-exposure-vulnerability?_s_id=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-201: Insertion of Sensitive Information Into Sent Data •