{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T12:29:12.785","vulnerabilities":[{"cve":{"id":"CVE-2025-28972","sourceIdentifier":"audit@patchstack.com","published":"2025-06-17T15:15:41.077","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Suhas Surse WP Employee Attendance System wp-employee-attendance-system allows Blind SQL Injection.This issue affects WP Employee Attendance System: from n/a through <= 3.5."},{"lang":"es","value":"La vulnerabilidad de neutralización incorrecta de elementos especiales utilizados en un comando SQL ('Inyección SQL') en Suhas Surse WP Employee Attendance System permite la inyección SQL ciega. Este problema afecta al sistema de asistencia de empleados WP desde n/d hasta la versión 3.5."}],"metrics":{},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://patchstack.com/database/Wordpress/Plugin/wp-employee-attendance-system/vulnerability/wordpress-wp-employee-attendance-system-3-5-sql-injection-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}}]}