CVE-2025-24773
BaseFortify
Publication date: 2025-06-17
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
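As an added illustration of the CWE-89 pattern described in the table (not code from the WPCRM plugin, from Patchstack or from this page): a lookup that splices a request parameter into the statement, beside the same lookup with the value bound by the driver. It uses Python's standard sqlite3 module on a constructed in-memory table; the schema, column names and payloads are assumptions for the demo, not the plugin's real queries.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data standing in for a CRM contacts table (not the plugin's real schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE contacts (id INTEGER PRIMARY KEY, email TEXT, owner TEXT)")
    conn.executemany(
        "INSERT INTO contacts (id, email, owner) VALUES (?, ?, ?)",
        [
            (1, "alice@example.com", "sales"),
            (2, "bob@example.com", "sales"),
            (3, "carol@example.com", "support"),
        ],
    )
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, contact_id: str) -> list:
    """CWE-89: the request parameter is spliced into the SQL text, so any SQL syntax
    it contains becomes part of the statement instead of being treated as a value."""
    sql = f"SELECT id, email FROM contacts WHERE id = {contact_id}"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn: sqlite3.Connection, contact_id: str) -> list:
    """Hardened form: the value is bound by the driver. It is only ever compared against
    the column; the database never parses it as SQL, whatever characters it contains."""
    return conn.execute(
        "SELECT id, email FROM contacts WHERE id = ?", (contact_id,)
    ).fetchall()


if __name__ == "__main__":
    db = make_db()
    honest = "2"
    tautology = "1 OR 1=1"                            # turns a one-row lookup into a full table dump
    union = "0 UNION SELECT id, owner FROM contacts"  # pulls a column the query never exposed

    print("vulnerable, honest input :", lookup_vulnerable(db, honest))
    print("vulnerable, tautology    :", lookup_vulnerable(db, tautology))
    print("vulnerable, union        :", lookup_vulnerable(db, union))
    print("parameterized, tautology :", lookup_parameterized(db, tautology))
```

In WordPress the equivalent hardening is `$wpdb->prepare()` with placeholders rather than concatenating `$_GET`/`$_POST` values into the query string; the point is the same in any language: data must travel to the database as a bound value, not as part of the SQL text.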
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a high-severity SQL Injection flaw in the WordPress plugin WPCRM - CRM for Contact form CF7 & WooCommerce (up to version 3.2.0). The plugin fails to neutralize special elements in user-supplied input before using it in SQL commands (CWE-89), so an unauthenticated attacker can inject arbitrary SQL into the queries the plugin runs against the WordPress database. This can lead to unauthorized access to, or manipulation of, the database. [1]
How can this vulnerability impact me?
The vulnerability can allow attackers to read or modify data stored in the database without authentication. This can result in data theft, unauthorized data modification, and a loss of confidentiality and integrity for everything the site stores, including WordPress user records that share the same database. Because of its high severity and ease of exploitation, it poses a significant security risk. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for unusual or unauthorized SQL queries targeting the WPCRM plugin endpoints, especially those carrying SQL Injection patterns. Network intrusion detection systems (NIDS) or web application firewalls (WAF) with signatures for SQL Injection can help identify exploitation attempts. Specific commands are not provided in the resources, but reviewing web server logs for suspicious query parameters aimed at the plugin's paths may reveal attempts; note that standard access logs record only the URL and query string, so injection carried in POST bodies will only be visible in WAF, application or database logs. Running a tool such as sqlmap against the plugin's input fields confirms exposure on a system you are authorized to test, but it is a testing step rather than a detection control. [1]
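The log review suggested above, as an added example that is not part of the original page and not a Patchstack or BaseFortify tool: a scanner that parses web-server access-log lines in the common Apache/nginx "combined" format, URL-decodes each query parameter (twice, to unwrap double-encoded payloads), matches the decoded values against a small set of SQL Injection markers, and flags whether the request targeted the plugin. The plugin directory, the admin-ajax action prefix and the `export.php` path are assumptions, since the advisory text does not name the plugin's endpoints; adjust them to the slug actually installed. The log lines are constructed, not real traffic.

```python
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Assumptions (the advisory text does not name the plugin's endpoints): the plugin's
# files live under this directory and its AJAX handlers register actions with this prefix.
PLUGIN_DIR = "/wp-content/plugins/wpcrm/"
AJAX_ACTION_PREFIX = "wpcrm"

# Apache/nginx "combined" access-log line: client, timestamp, request line, status, size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Markers of SQL syntax inside what should be plain data values. Tuned for a demo:
# a production ruleset would be broader and would be checked against real traffic for noise.
SQLI_RULES = {
    "union-select": re.compile(r"\bunion\b[\s/*]+(?:all[\s/*]+)?select\b", re.I),
    "tautology": re.compile(r"(?:[\"']|\b\d+)\s*(?:or|and)\s+[\"'\w]+\s*=\s*[\"'\w]+", re.I),
    "time-based": re.compile(r"\b(?:sleep|benchmark|pg_sleep)\s*\(", re.I),
    "schema-probe": re.compile(r"\binformation_schema\b", re.I),
    "stacked-or-comment": re.compile(r";\s*(?:drop|insert|update|delete)\b|(?:--|/\*)\s*$", re.I),
}


def plugin_related(path: str, params: dict) -> bool:
    """True when the request hits the plugin directory or one of its admin-ajax actions."""
    if path.lower().startswith(PLUGIN_DIR):
        return True
    action = params.get("action", "").lower()
    return path.endswith("/admin-ajax.php") and action.startswith(AJAX_ACTION_PREFIX)


def scan_line(line: str):
    """Return a finding dict for the first parameter that looks like SQL Injection, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m["target"])
    pairs = parse_qsl(parts.query, keep_blank_values=True)  # one round of percent-decoding
    params = dict(pairs)
    for name, raw in pairs:
        value = unquote_plus(raw)  # second round catches %2527-style double encoding
        for rule, pattern in SQLI_RULES.items():
            if pattern.search(value):
                return {
                    "ip": m["ip"],
                    "ts": m["ts"],
                    "path": parts.path,
                    "param": name,
                    "value": value,
                    "rule": rule,
                    "status": int(m["status"]),
                    "plugin_related": plugin_related(parts.path, params),
                }
    return None


def scan_log(lines):
    """Scan an iterable of access-log lines and return all findings in log order."""
    return [f for f in map(scan_line, lines) if f]


# Constructed sample traffic (not real log data). The export.php path is hypothetical.
SAMPLE_LOG = [
    '203.0.113.5 - - [17/Jun/2025:10:15:32 +0000] "GET /wp-content/plugins/wpcrm/assets/app.js HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [17/Jun/2025:10:15:40 +0000] "GET /wp-admin/admin-ajax.php?action=wpcrm_search&term=smith HTTP/1.1" 200 310 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [17/Jun/2025:10:16:02 +0000] "GET /wp-admin/admin-ajax.php?action=wpcrm_search&term=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 9802 "-" "sqlmap/1.8"',
    '198.51.100.7 - - [17/Jun/2025:10:16:05 +0000] "GET /wp-content/plugins/wpcrm/export.php?id=0%2520UNION%2520SELECT%2520user_login%252Cuser_pass%2520FROM%2520wp_users HTTP/1.1" 200 1204 "-" "sqlmap/1.8"',
    '198.51.100.7 - - [17/Jun/2025:10:16:09 +0000] "GET /?s=1%20OR%201%3D1 HTTP/1.1" 200 44210 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        scope = "WPCRM" if finding["plugin_related"] else "other"
        print(f'{finding["ts"]} {finding["ip"]} [{scope}] {finding["rule"]} '
              f'{finding["path"]} {finding["param"]}={finding["value"]!r} -> {finding["status"]}')
```

Feed it real logs with `scan_log(open("access.log"))`. A 200 response to a tautology or UNION payload with an unusually large response size is the strongest signal that the injection worked rather than merely being attempted; and because access logs omit request bodies, the same patterns should also be applied to WAF or application logs that capture POST parameters.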
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying the virtual patch (vPatch) provided by Patchstack, which blocks attacks targeting this SQL Injection vulnerability without requiring a plugin update. Since no official patch is available yet, applying this virtual patch promptly is strongly advised; first confirm which version of the plugin is installed, since every version up to and including 3.2.0 is affected. If the vPatch cannot be applied, deactivating the plugin removes the vulnerable code path until a fixed release is available. Additionally, monitor for signs of compromise, including unexpected database changes and suspicious requests to the plugin's endpoints, and seek professional incident response if exploitation is suspected. [1]