{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-2107", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-03-07T20:05:23.730Z", "datePublished": "2025-03-13T01:45:28.382Z", "dateUpdated": "2026-04-08T17:21:17.434Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:21:17.434Z"}, "affected": [{"vendor": "arielbrailovsky", "product": "ArielBrailovsky-ViralAd", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.0.8", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The ArielBrailovsky-ViralAd plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter of the printResultAndDie() function in all versions up to, and including, 1.0.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. This only appears to be exploitable on very old versions of WordPress."}], "title": "Arielbrailovsky-Viralad <= 1.0.8 - Unauthenticated SQL Injection", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c6c846c8-df8a-4a95-834e-a9443b6a86b5?source=cve"}, {"url": "https://wordpress.org/plugins/arielbrailovsky-viralad/"}, {"url": "https://plugins.trac.wordpress.org/browser/arielbrailovsky-viralad/trunk/inc/anuncio.php#L105"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "cweId": "CWE-89", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "credits": [{"lang": "en", "type": "finder", "value": "siyuan shao"}], "timeline": [{"time": "2025-03-12T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-14T13:53:41.417091Z", "id": "CVE-2025-2107", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-14T13:53:48.361Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-2107", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-14T13:53:41.417091Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-14T13:53:44.907Z"}}], "cna": {"title": "Arielbrailovsky-Viralad <= 1.0.8 - Unauthenticated SQL Injection", "credits": [{"lang": "en", "type": "finder", "value": "siyuan shao"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "arielbrailovsky", "product": "ArielBrailovsky-ViralAd", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "1.0.8"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-03-12T00:00:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c6c846c8-df8a-4a95-834e-a9443b6a86b5?source=cve"}, {"url": "https://wordpress.org/plugins/arielbrailovsky-viralad/"}, {"url": "https://plugins.trac.wordpress.org/browser/arielbrailovsky-viralad/trunk/inc/anuncio.php#L105"}], "descriptions": [{"lang": "en", "value": "The ArielBrailovsky-ViralAd plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter of the printResultAndDie() function in all versions up to, and including, 1.0.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. This only appears to be exploitable on very old versions of WordPress."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2025-03-13T01:45:28.382Z"}}}, "cveMetadata": {"cveId": "CVE-2025-2107", "state": "PUBLISHED", "dateUpdated": "2025-03-14T13:53:48.361Z", "dateReserved": "2025-03-07T20:05:23.730Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-03-13T01:45:28.382Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The ArielBrailovsky-ViralAd plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter of the printResultAndDie() function in all versions up to, and including, 1.0.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. This only appears to be exploitable on very old versions of WordPress."}, {"lang": "es", "value": "El complemento ArielBrailovsky-ViralAd para WordPress es vulnerable a la inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro 'id' de la funci\u00f3n printResultAndDie() en todas las versiones hasta la 1.0.8 incluida, debido a un escape insuficiente del par\u00e1metro proporcionado por el usuario y a la falta de preparaci\u00f3n de la consulta SQL existente. Esto permite a atacantes no autenticados a\u00f1adir consultas SQL adicionales a las consultas ya existentes, las cuales pueden utilizarse para extraer informaci\u00f3n confidencial de la base de datos. Esto solo parece ser explotable en versiones muy antiguas de WordPress."}], "id": "CVE-2025-2107", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-03-13T02:15:13.250", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/arielbrailovsky-viralad/trunk/inc/anuncio.php#L105"}, {"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/arielbrailovsky-viralad/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c6c846c8-df8a-4a95-834e-a9443b6a86b5?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T21:58:24.319271+00:00", "value": {"mitigation_remediation": ["Upgrade the ArielBrailovsky\u2011ViralAd plugin to the latest available version that includes the fix, if one is released.", "If no newer version exists, remove the plugin from the WordPress installation to eliminate the vulnerability.", "Upgrade the WordPress core to a supported and recent release to remove the old core conditions that enable the flaw.", "Implement a web application firewall rule that blocks suspicious SQL injection patterns against the plugin\u2019s 'id' parameter endpoint."], "summary": {"action": "Apply Patch", "impact": "SQL Injection Exploiting Data Exfiltration"}, "threat_synthesis": {"affected_systems": "The affected product is the ArielBrailovsky\u2011ViralAd plugin for WordPress, all released versions up to and including 1.0.8. The vulnerability is only exploitable when the WordPress core is very old, so any WordPress installation deploying the plugin in that version range on an outdated core is at risk. The plugin\u2019s code remains unchanged but the environment requirement limits its usefulness in newer core installations.", "description_and_impact": "The ArielBrailovsky\u2011ViralAd WordPress plugin has a flaw that allows anyone who can send a request to its printResultAndDie() function to inject arbitrary SQL via the 'id' parameter. Because the plugin fails to escape or prepare the user supplied value, attackers can append new SQL statements to the existing query and retrieve sensitive database contents. This is a classic SQL injection vulnerability (CWE\u201189) that compromises data confidentiality for the WordPress site.", "risk_and_exploitability": "The CVSS score of 7.5 indicates a high\u2011severity flaw, while an EPSS score of less than 1\u202f% suggests a low probability of exploitation in the wild. It is not listed in the CISA KEV catalog. Based on the description, it is inferred that the attack vector is an unauthenticated HTTP request to the plugin\u2019s endpoint with a crafted 'id' value, requiring no authentication or special privileges to reach the vulnerable code."}}}}, "created": "2025-07-13T11:06:59.064333+00:00", "updated": "2026-04-21T22:00:26.600593+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}