{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-2478", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-03-17T21:37:30.036Z", "datePublished": "2025-03-22T06:41:13.120Z", "dateUpdated": "2026-04-08T17:11:15.664Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:11:15.664Z"}, "affected": [{"vendor": "allhart", "product": "Code Clone", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "0.9", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Code Clone plugin for WordPress is vulnerable to time-based SQL Injection via the \u2018snippetId\u2019 parameter in all versions up to, and including, 0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."}], "title": "Code Clone <= 0.9 - Authenticated (Administrator+) SQL Injection via snippetId Parameter", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9b6f21ce-8601-425f-bd44-6a1af31c67de?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/code-clone/trunk/admin/snippet-edit.php"}, {"url": "https://wordpress.org/plugins/code-clone/#developers"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "cweId": "CWE-89", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "baseScore": 4.9, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Hoang Phuc Vo"}], "timeline": [{"time": "2025-03-21T17:52:29.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-24T13:17:54.264407Z", "id": "CVE-2025-2478", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-24T13:18:05.036Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-2478", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-24T13:17:54.264407Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-24T13:18:01.172Z"}}], "cna": {"title": "Code Clone <= 0.9 - Authenticated (Administrator+) SQL Injection via snippetId Parameter", "credits": [{"lang": "en", "type": "finder", "value": "Hoang Phuc Vo"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "allhart", "product": "Code Clone", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "0.9"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-03-21T17:52:29.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9b6f21ce-8601-425f-bd44-6a1af31c67de?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/code-clone/trunk/admin/snippet-edit.php"}, {"url": "https://wordpress.org/plugins/code-clone/#developers"}], "descriptions": [{"lang": "en", "value": "The Code Clone plugin for WordPress is vulnerable to time-based SQL Injection via the \u2018snippetId\u2019 parameter in all versions up to, and including, 0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:11:15.664Z"}}}, "cveMetadata": {"cveId": "CVE-2025-2478", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:11:15.664Z", "dateReserved": "2025-03-17T21:37:30.036Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-03-22T06:41:13.120Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Code Clone plugin for WordPress is vulnerable to time-based SQL Injection via the \u2018snippetId\u2019 parameter in all versions up to, and including, 0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."}, {"lang": "es", "value": "El complemento Code Clone para WordPress es vulnerable a la inyecci\u00f3n SQL basada en tiempo mediante el par\u00e1metro 'snippetId' en todas las versiones hasta la 0.9 incluida, debido a un escape insuficiente del par\u00e1metro proporcionado por el usuario y a la falta de preparaci\u00f3n de la consulta SQL existente. Esto permite a atacantes autenticados, con acceso de administrador o superior, a\u00f1adir consultas SQL adicionales a las consultas existentes, que pueden utilizarse para extraer informaci\u00f3n confidencial de la base de datos."}], "id": "CVE-2025-2478", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-03-22T07:15:24.963", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/code-clone/trunk/admin/snippet-edit.php"}, {"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/code-clone/#developers"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9b6f21ce-8601-425f-bd44-6a1af31c67de?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T21:47:29.842652+00:00", "value": {"mitigation_remediation": ["Update Code Clone to the latest plugin version, which removes the snippetId injection flaw.", "Revoke or lock any unnecessary administrator accounts and enforce the principle of least privilege for remaining users.", "If an immediate update is not possible, remove or disable the snippet\u2011edit.php file from the server or apply a server\u2011side block to limit access to that file, thereby preventing the injection path."], "summary": {"action": "Patch", "impact": "SQL Injection (Administrator+)"}, "threat_synthesis": {"affected_systems": "All users of the Code Clone plugin by Allhart, with affected versions up to and including 0.9. WordPress sites running this plugin version are at risk if an administrator account is compromised. The vulnerability is limited to environments where the plugin\u2019s administrative interface is accessible.", "description_and_impact": "The vulnerability exists in the Code Clone plugin for WordPress and is a time\u2011based SQL injection that targets the snippetId parameter in the admin snippet\u2011edit.php file. Because the plugin does not escape the user\u2011supplied value or properly prepare the query, an attacker who is already authenticated with Administrator rights can inject additional SQL statements. This ability allows the attacker to read sensitive data from the database and compromise the integrity of the stored information. The weakness is a classic application typo\u2011injection flaw.", "risk_and_exploitability": "The CVSS base score of 4.9 indicates a moderate severity. Current EPSS submissions show a very low exploitation probability (<\u20091\u202f%) and the issue is not listed in the CISA KEV catalog, suggesting that large\u2011scale exploitation is unlikely at present. However, because the flaw requires administrator privileges, any site with weaker access controls or an exposed admin account could be vulnerable. The risk is considered moderate, but because the attack vector depends on an authenticated user, the best practice is to patch as soon as the update becomes available."}}}}, "created": "2026-04-21T22:00:26.592347+00:00", "updated": "2026-04-21T22:00:26.592362+00:00", "vendors": []}