CVE-2025-5673
BaseFortify
Publication date: 2025-06-17
Last updated on: 2025-06-17
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-5673 is an SQL Injection vulnerability in the Blog2Social WordPress plugin (up to version 8.4.4). It occurs because the plugin constructs SQL queries dynamically using user-supplied input for the 'prgSortPostType' parameter without proper escaping or preparation. This allows authenticated users with Subscriber-level access or higher to inject additional SQL code into queries that retrieve posts, potentially extracting sensitive information from the database. [1]
How can this vulnerability impact me? :
This vulnerability can allow an authenticated attacker with at least Subscriber-level access to perform SQL Injection attacks, enabling them to extract sensitive information from the WordPress database. This could lead to unauthorized data disclosure and compromise of the website's data integrity and confidentiality. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the Blog2Social plugin's admin interface for SQL injection via the 'prgSortPostType' parameter. Since the vulnerability involves SQL injection through this parameter, you can attempt to inject SQL payloads in requests that use this parameter to see if the database responds with errors or unexpected data. For example, using curl or a web proxy tool, you can send requests with crafted 'prgSortPostType' values to the plugin's post retrieval endpoints. Specific commands might include sending HTTP POST or GET requests with payloads such as "' OR '1'='1" or other SQL injection strings in the 'prgSortPostType' parameter and observing the response. Additionally, monitoring database query logs for suspicious queries involving this parameter can help detect exploitation attempts. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating the Blog2Social plugin to a version later than 8.4.4 where the vulnerability is fixed. If an update is not immediately available, restrict access to the plugin's admin interface to trusted users only, as the vulnerability requires authenticated users with Subscriber-level access or higher. Additionally, consider disabling or removing the plugin temporarily to prevent exploitation. Applying Web Application Firewall (WAF) rules to block suspicious input patterns in the 'prgSortPostType' parameter can also help mitigate risk until a patch is applied. [1]