CVE-2025-30947
BaseFortify
Publication date: 2025-07-04
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an SQL Injection issue in the WordPress Cool Fade Popup plugin (up to version 10.1). It allows a malicious actor with at least contributor-level privileges to perform Blind SQL Injection attacks, enabling them to interact directly with the website's database. This can lead to unauthorized database manipulations or data theft. The plugin is abandoned with no official fix available, and deactivating it does not remove the risk unless a virtual patch is applied. [1]
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized access and manipulation of your website's database, potentially resulting in data theft or corruption. Because it is a high severity issue (CVSS 8.5), attackers could exploit it to compromise sensitive information. Since the plugin is abandoned and lacks official patches, the risk remains unless mitigated by virtual patching or removing the plugin. In case of compromise, professional incident response and server-side malware scanning are recommended. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves monitoring for unusual database interactions indicative of Blind SQL Injection attempts. Since the vulnerability requires at least contributor-level privileges to exploit, reviewing logs for suspicious SQL queries or unauthorized access attempts is recommended. However, there are no specific commands provided for detection. Professional incident response and server-side malware scanning are advised over plugin-based scanners to identify potential compromises. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include removing and replacing the vulnerable Cool Fade Popup plugin with a secure alternative, as there is no official fix or updated version available. Applying a virtual patch (vPatch) provided by Patchstack can auto-mitigate the vulnerability without requiring an official patch. Deactivating the plugin alone does not eliminate the risk. Users are strongly advised to implement these measures promptly due to the high severity and lack of ongoing support. [1]