CVE-2025-10175
BaseFortify
Publication date: 2025-10-11
Last updated on: 2026-04-08
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| rico_macchi | wp_links_page | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in the WP Links Page WordPress plugin (up to version 4.9.6) is an SQL Injection via the 'id' parameter. This happens because the plugin does not properly escape or prepare the user-supplied 'id' parameter in its SQL queries. As a result, authenticated users with Subscriber-level access or higher can inject additional SQL commands into existing queries, potentially extracting sensitive information from the database.
How can this vulnerability impact me? :
This vulnerability allows attackers with at least Subscriber-level access to perform SQL Injection attacks, which can lead to unauthorized extraction of sensitive data from the database. Although it does not allow modification or deletion of data (integrity or availability impact is not indicated), the confidentiality of the database contents can be compromised, potentially exposing private or sensitive information.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The SQL Injection vulnerability can lead to unauthorized access and extraction of sensitive data, which may result in a data breach. Such breaches can violate data protection regulations like GDPR and HIPAA, which require safeguarding personal and sensitive information. Therefore, this vulnerability could negatively impact compliance by exposing protected data to unauthorized parties.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for suspicious SQL injection attempts targeting the 'id' parameter in the WP Links Page plugin. Since the vulnerability requires authenticated users with Subscriber-level access or higher, reviewing web server logs for unusual or malformed SQL queries involving the 'id' parameter in requests to the plugin is recommended. Additionally, scanning the WordPress installation to check if the WP Links Page plugin is installed and its version is 4.9.6 or below can help identify vulnerable systems. Specific commands could include using grep or similar tools to search access logs for suspicious 'id' parameter usage, for example: 1) grep 'id=' /var/log/apache2/access.log | grep -i 'union' 2) wp plugin list --format=json | jq '.[] | select(.name=="wp-links-page" and .version <= "4.9.6")' However, no explicit detection commands are provided in the resources. [2, 3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include disabling or uninstalling the WP Links Page plugin if it is version 4.9.6 or below, as the plugin was closed and removed from distribution pending a full security review. Restricting user permissions to prevent Subscriber-level users or higher from accessing the plugin functionality can reduce risk. Monitoring and blocking suspicious requests targeting the 'id' parameter can also help. Applying any available patches or updates once the plugin is re-released after security review is recommended. Since the plugin is currently unavailable for download and undergoing review, removing or disabling it is the safest immediate action. [2]