{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-07T12:12:09.257","vulnerabilities":[{"cve":{"id":"CVE-2025-32290","sourceIdentifier":"audit@patchstack.com","published":"2025-05-16T16:15:38.990","lastModified":"2026-04-23T15:28:54.593","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Sticky HTML5 Music Player lbg-audio3-html5 allows SQL Injection.This issue affects Sticky HTML5 Music Player: from n/a through <= 3.1.6."},{"lang":"es","value":"Vulnerabilidad de neutralización incorrecta de elementos especiales utilizados en un comando SQL ('Inyección SQL') en LambertGroup Sticky HTML5 Music Player permite la inyección SQL. Este problema afecta al reproductor de música HTML5 Sticky desde n/d hasta la versión 3.1.6."}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.1,"impactScore":4.7}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://patchstack.com/database/Wordpress/Plugin/lbg-audio3-html5/vulnerability/wordpress-sticky-html5-music-player-3-1-6-sql-injection-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}}]}