WordPress Plugin Vulnerabilities

File Provider <= 1.2.3 - Unauthenticated SQLi

Description

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection

Proof of Concept

Affects Plugins

Plugin icon
file-provider
No known fix

References

CVE
CVE-2025-4578

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89
CVSS
8.6 (high)

Miscellaneous

Original Researcher
Nxploited (Khaled_alenazi)
Submitter
Nxploited (Khaled_alenazi)
Submitter website
https://github.com/nxploited
Verified
Yes
WPVDB ID
3aa76b96-40b7-4bde-a39c-c1aa6f8278fc

Timeline

Publicly Published
2025-05-14 (about 7 months ago)
Added
2025-05-14 (about 7 months ago)
Last Updated
2025-05-14 (about 7 months ago)

Other

Published
Title
Published
2023-11-28
Title
WP Mail Log < 1.1.3 – Contributor+ SQL Injection in wml_logs/send_mail endpoint
Published
2014-08-01
Title
Automatic 2.0.3 - csv.php q Parameter SQL Injection
Published
2025-10-02
Title
WPRecovery <= 2.0 - Unauthenticated SQL Injection to Arbitrary File Deletion
Published
2025-04-17
Title
ProfileGrid < 5.9.4.9 - Authenticated (Subscriber+) SQL Injection
Published
2025-04-21
Title
Appsero Helper <= 1.3.4 - Authenticated (Subscriber+) SQL Injection