CVE-2025-69337
Blind SQL Injection in Wolmart Core Plugin
Publication date: 2026-02-20
Last updated on: 2026-02-24
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| don-themes | wolmart_core | From 1.0.0 (inc) to 1.9.6 (inc) |
| don-themes | wolmart_core | to 1.9.6 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-69337 is a high-priority SQL Injection vulnerability affecting the WordPress Wolmart Core Plugin versions up to and including 1.9.6.
This vulnerability allows unauthenticated attackers to execute arbitrary SQL commands directly on the database by exploiting improper neutralization of special elements used in SQL commands, also known as Blind SQL Injection.
It falls under the OWASP Top 10 category A3: Injection.
How can this vulnerability impact me? :
[{'type': 'paragraph', 'content': 'This vulnerability can lead to serious impacts including unauthorized data theft and other malicious actions performed on the database.'}, {'type': 'paragraph', 'content': 'Because the vulnerability requires no authentication to exploit, attackers can easily leverage it to compromise the affected system.'}, {'type': 'paragraph', 'content': "Exploitation of this vulnerability can result in loss of data integrity, confidentiality, and potentially availability depending on the attacker's actions."}] [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability allows unauthenticated attackers to execute arbitrary SQL commands on the database via the Wolmart Core Plugin up to version 1.9.6. Detection can involve monitoring for unusual or suspicious SQL queries targeting the plugin endpoints.
While specific commands are not provided in the resources, typical detection methods include using web application firewalls (WAF) with rules to detect SQL injection patterns, or running database query logs to identify anomalous queries.
Patchstack offers a mitigation rule that can block exploitation attempts, which can also be used to detect attack attempts.
What immediate steps should I take to mitigate this vulnerability?
The primary immediate step to mitigate this vulnerability is to update the Wolmart Core Plugin to version 1.9.7 or later, where the issue is patched.
Until the update can be applied, users are advised to implement the mitigation rule provided by Patchstack, which can block exploitation attempts.
Enabling auto-updates for vulnerable plugins can also help enhance protection against this and similar vulnerabilities.