CVE-2025-66095 - Vulnerability Details

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows SQL Injection.This issue affects KiviCare: from n/a through <= 3.6.13.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Iqonic	Kivicare
Wordpress	Wordpress

No data.

References

Link	Providers
https://vdp.patchstack.com/database/Wordpress/Plugin/kivicare-clinic-management-system/vulnerability/wordpress-kivicare-plugin-3-6-13-sql-injection-vulnerability?_s_id=cve

History

Mon, 24 Nov 2025 09:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Iqonic Iqonic kivicare Wordpress Wordpress wordpress
Vendors & Products		Iqonic Iqonic kivicare Wordpress Wordpress wordpress

Fri, 21 Nov 2025 12:45:00 +0000

Type	Values Removed	Values Added
Description		Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows SQL Injection.This issue affects KiviCare: from n/a through <= 3.6.13.
Title		WordPress KiviCare plugin <= 3.6.13 - SQL Injection vulnerability
Weaknesses		CWE-89
References		https://vdp.patchstack.com/database/Wordpress/Plugin/kivicare-clinic-management-system/vulnerability/wordpress-kivicare-plugin-3-6-13-sql-injection-vulnerability?_s_id=cve

MITRE

Status: PUBLISHED

Assigner: Patchstack

Published: 2025-11-21T12:29:59.655Z

Updated: 2025-11-21T12:29:59.655Z

Reserved: 2025-11-21T11:21:12.145Z

Link: CVE-2025-66095

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-11-21T13:15:50.877

Modified: 2025-11-21T15:13:13.800

Link: CVE-2025-66095

Redhat

No data.

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object