SQL Injection Vulnerability in SmartCMS Advance Seat Reservation Management for WooCommerce
CVE-2025-58951
9.3CRITICAL
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 18 December 2025
What is CVE-2025-58951?
An SQL Injection vulnerability has been identified in the SmartCMS Advance Seat Reservation Management for WooCommerce plugin. This flaw allows attackers to manipulate SQL queries by injecting malicious SQL statements, potentially enabling unauthorized access to sensitive data. The issue affects specific versions of the plugin, allowing for exploitation across a range of installations. Users are strongly advised to update to the latest version to mitigate associated risks.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Advance Seat Reservation Management for WooCommerce <= n/a
References
CVSS V3.1
Score:
9.3
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Bonds | Patchstack Bug Bounty Program