CVE-2025-32119

Published Apr 10, 2025

Last updated 2 months ago

CVSS high 8.2

Overview

Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CardGate CardGate Payments for WooCommerce allows Blind SQL Injection. This issue affects CardGate Payments for WooCommerce: from n/a through 3.2.1.
Source
audit@patchstack.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.2
Impact score
4.7
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:L
Severity
HIGH

Weaknesses

audit@patchstack.com
CWE-89

Social media

Hype score
Not currently trending

  1. 🚨 CVE-2025-32119 🔴 HIGH (8.2) 🏢 CardGate - CardGate Payments for WooCommerce 🏗️ Unknown Version 🔗 https://t.co/bltuG9xTZ9 #CyberCron #VulnAlert #InfoSec https://t.co/K1zkljZFnq

    @cybercronai

    10 Apr 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.