{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-06T10:52:33.164","vulnerabilities":[{"cve":{"id":"CVE-2025-31397","sourceIdentifier":"audit@patchstack.com","published":"2025-05-23T13:15:26.893","lastModified":"2026-04-23T15:27:45.173","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in smartcms Bus Ticket Booking with Seat Reservation for WooCommerce scw-bus-seat-reservation allows SQL Injection.This issue affects Bus Ticket Booking with Seat Reservation for WooCommerce: from n/a through <= 1.7."},{"lang":"es","value":"La vulnerabilidad de neutralización incorrecta de elementos especiales utilizados en un comando SQL ('Inyección SQL') en smartcms Bus Ticket Booking with Seat Reservation for WooCommerce permite la inyección SQL. Este problema afecta a la Reserva de billetes de autobús con reserva de asientos para WooCommerce desde n/d hasta la versión 1.7."}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":4.7}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://patchstack.com/database/Wordpress/Plugin/scw-bus-seat-reservation/vulnerability/wordpress-bus-ticket-booking-with-seat-reservation-for-woocommerce-plugin-1-7-sql-injection-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}}]}