Skip to main content
Radar
DashboardThreatsMapFeedsAPI
reconnecting

CVE-2025-54043: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in YayCommerce SMTP for Amazon SES

High
VulnerabilityCVE-2025-54043cvecve-2025-54043cwe-89
Published: Wed Jul 16 2025 (07/16/2025, 10:36:51 UTC)
Source: CVE Database V5
Vendor/Project: YayCommerce
Product: SMTP for Amazon SES

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YayCommerce SMTP for Amazon SES allows SQL Injection. This issue affects SMTP for Amazon SES: from n/a through 1.9.

Technical Details

Data Version
5.1
Assigner Short Name
Patchstack
Date Reserved
2025-07-16T08:52:07.075Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 687782fba83201eaacd97996

Added to database: 7/16/2025, 10:46:19 AM

Last updated: 7/16/2025, 10:46:19 AM

Views: 1

Related Threats

CVE-2025-54051: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in bPlugins LightBox Block

Medium
VulnerabilityWed Jul 16 2025

CVE-2025-54050: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in CyberChimps Responsive Addons for Elementor

Medium
VulnerabilityWed Jul 16 2025

CVE-2025-54047: CWE-862 Missing Authorization in QuanticaLabs Cost Calculator

Medium
VulnerabilityWed Jul 16 2025

CVE-2025-54042: CWE-352 Cross-Site Request Forgery (CSRF) in xfinitysoft WP Post Hide

Medium
VulnerabilityWed Jul 16 2025

CVE-2025-54041: CWE-352 Cross-Site Request Forgery (CSRF) in WP Swings Wallet System for WooCommerce

Medium
VulnerabilityWed Jul 16 2025

Actions

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats