CVE-2025-10045
BaseFortify
Publication date: 2025-10-15
Last updated on: 2026-04-08
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| onoffice | onoffice_for_wp_websites | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability is an SQL Injection in the onOffice for WP-Websites WordPress plugin affecting all versions up to and including 5.7. It occurs via the 'order' parameter, which is insufficiently escaped and improperly prepared in SQL queries. Authenticated users with Editor-level access or higher can exploit this to append malicious SQL code to existing queries, potentially extracting sensitive database information.
How can this vulnerability impact me? :
This vulnerability allows attackers with Editor-level access or above to perform SQL Injection attacks, enabling them to extract sensitive information from the database. This could lead to unauthorized data disclosure, compromising the confidentiality of user data and potentially impacting the integrity of the database.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability could lead to unauthorized access and extraction of sensitive personal or protected data from the database, which may result in non-compliance with data protection regulations such as GDPR and HIPAA. Organizations affected by this vulnerability might face legal and regulatory consequences if sensitive data is exposed due to this flaw.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for unusual or unauthorized SQL queries involving the 'order' parameter in the onOffice for WP-Websites plugin, especially from users with Editor-level access or higher. Since the vulnerability involves SQL Injection via the 'order' parameter, you can look for suspicious HTTP requests targeting this parameter. For example, using command-line tools like curl or network monitoring tools to capture requests with suspicious payloads. A sample command to test might be: curl -u editor_user:password "http://yourwordpresssite.com/?order=1;DROP TABLE users--" Additionally, inspecting WordPress logs or database logs for unexpected queries or errors related to the 'order' parameter can help detect exploitation attempts. However, no specific detection commands are provided in the resources. [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include: 1. Restrict Editor-level and higher user permissions to trusted users only, as the vulnerability requires authenticated users with Editor-level access or above. 2. Update the onOffice for WP-Websites plugin to a version later than 5.7 once a patch is released. 3. As a temporary workaround, disable or restrict usage of the 'order' parameter in the plugin if possible. 4. Monitor and audit database queries and user activities for suspicious behavior. 5. Review and sanitize any user inputs related to SQL queries in custom code. Note: The provided resources do not specify an official patch or detailed mitigation steps, so following general best practices for SQL Injection prevention and access control is recommended. [2]