{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-11454", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-10-07T17:29:17.585Z", "datePublished": "2025-11-12T11:05:38.743Z", "dateUpdated": "2026-04-08T16:59:49.160Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:59:49.160Z"}, "affected": [{"vendor": "giuse", "product": "Specific Content For Mobile \u2013 Customize the mobile version without redirections", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "0.5.5", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Specific Content For Mobile \u2013 Customize the mobile version without redirections plugin for WordPress is vulnerable to SQL Injection via the eos_scfm_duplicate_post_as_draft() function in all versions up to, and including, 0.5.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with COntributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."}], "title": "Specific Content For Mobile \u2013 Customize the mobile version without redirections <= 0.5.5 - Authenticated (Contributor+) SQL Injection", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6ed99dfd-6ca6-41e7-a844-d53eec7068c1?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3387807%40specific-content-for-mobile&new=3387807%40specific-content-for-mobile&sfp_email=&sfph_mail="}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "cweId": "CWE-89", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Jonas Benjamin Friedli"}], "timeline": [{"time": "2025-10-31T08:25:58.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-11-11T22:53:15.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-11-12T14:15:27.215201Z", "id": "CVE-2025-11454", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-12T14:15:38.335Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-11454", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-11-12T14:15:27.215201Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-12T14:15:32.584Z"}}], "cna": {"title": "Specific Content For Mobile \u2013 Customize the mobile version without redirections <= 0.5.5 - Authenticated (Contributor+) SQL Injection", "credits": [{"lang": "en", "type": "finder", "value": "Jonas Benjamin Friedli"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "giuse", "product": "Specific Content For Mobile \u2013 Customize the mobile version without redirections", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "0.5.5"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-10-31T08:25:58.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-11-11T22:53:15.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6ed99dfd-6ca6-41e7-a844-d53eec7068c1?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3387807%40specific-content-for-mobile&new=3387807%40specific-content-for-mobile&sfp_email=&sfph_mail="}], "descriptions": [{"lang": "en", "value": "The Specific Content For Mobile \u2013 Customize the mobile version without redirections plugin for WordPress is vulnerable to SQL Injection via the eos_scfm_duplicate_post_as_draft() function in all versions up to, and including, 0.5.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with COntributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:59:49.160Z"}}}, "cveMetadata": {"cveId": "CVE-2025-11454", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:59:49.160Z", "dateReserved": "2025-10-07T17:29:17.585Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-11-12T11:05:38.743Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Specific Content For Mobile \u2013 Customize the mobile version without redirections plugin for WordPress is vulnerable to SQL Injection via the eos_scfm_duplicate_post_as_draft() function in all versions up to, and including, 0.5.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with COntributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."}], "id": "CVE-2025-11454", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-11-12T11:15:38.463", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3387807%40specific-content-for-mobile&new=3387807%40specific-content-for-mobile&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6ed99dfd-6ca6-41e7-a844-d53eec7068c1?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T12:24:03.848752+00:00", "value": {"mitigation_remediation": ["Upgrade the \"Specific Content For Mobile \u2013 Customize the mobile version without redirections\" plugin to the latest release that addresses the SQL injection flaw (version higher than 0.5.5).", "If an immediate upgrade is not feasible, remove the plugin from the WordPress installation or disable it until a patch is applied.", "Limit Contributor\u2011level access to trusted users only or use a role\u2011management plugin to restrict contributor privileges that grant database access."], "summary": {"action": "Update Plugin", "impact": "Authenticated SQL Injection"}, "threat_synthesis": {"affected_systems": "All installations of the \"Specific Content For Mobile \u2013 Customize the mobile version without redirections\" plugin with version 0.5.5 or earlier are affected. The plugin is distributed by the vendor giuse and integrates into WordPress sites.", "description_and_impact": "The \"Specific Content For Mobile \u2013 Customize the mobile version without redirections\" WordPress plugin is susceptible to a SQL Injection flaw caused by improper escaping and lack of query preparation in the eos_scfm_duplicate_post_as_draft() function. The vulnerability allows users with Contributor or higher roles to append malicious SQL statements to existing queries, enabling extraction of sensitive database information. This is a classic input validation weakness identified as CWE\u201189.", "risk_and_exploitability": "The CVSS score for this issue is 6.5. The EPSS indicates a very low but non\u2011zero likelihood of exploitation, currently less than 1%. It is not listed in CISA\u2019s KEV catalog. Attackers need authenticated access with at least Contributor privileges, so the attack vector is internal; an adversary who gains legitimate contributor access can use the injection to read database contents."}}}}, "created": "2025-11-12T22:12:18.781341+00:00", "updated": "2026-04-22T12:30:16.833511+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}