{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-5563", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-06-03T16:59:01.709Z", "datePublished": "2025-06-06T06:42:54.692Z", "dateUpdated": "2026-04-08T17:33:59.712Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:33:59.712Z"}, "affected": [{"vendor": "cyberscorp", "product": "WP-Addpub", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.2.8", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The WP-Addpub plugin for WordPress is vulnerable to SQL Injection via the 'wp-addpub' shortcode in all versions up to, and including, 1.2.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."}], "title": "WP-Addpub <= 1.2.8 - Authenticated (Contributor+) SQL Injection", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f8945eed-eee4-4043-b6ab-d1ea553a4a23?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-addpub/trunk/wp-addpub.php#L541"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-addpub/trunk/wp-addpub.php#L57"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "cweId": "CWE-89", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Muhammad Yudha - DJ"}], "timeline": [{"time": "2025-06-05T17:50:59.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-06T15:42:07.022488Z", "id": "CVE-2025-5563", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-06T16:08:21.175Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-5563", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-06-06T15:42:07.022488Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-06T15:42:08.882Z"}}], "cna": {"title": "WP-Addpub <= 1.2.8 - Authenticated (Contributor+) SQL Injection", "credits": [{"lang": "en", "type": "finder", "value": "Muhammad Yudha - DJ"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "cyberscorp", "product": "WP-Addpub", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.2.8"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-06-05T17:50:59.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f8945eed-eee4-4043-b6ab-d1ea553a4a23?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-addpub/trunk/wp-addpub.php#L541"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-addpub/trunk/wp-addpub.php#L57"}], "descriptions": [{"lang": "en", "value": "The WP-Addpub plugin for WordPress is vulnerable to SQL Injection via the 'wp-addpub' shortcode in all versions up to, and including, 1.2.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:33:59.712Z"}}}, "cveMetadata": {"cveId": "CVE-2025-5563", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:33:59.712Z", "dateReserved": "2025-06-03T16:59:01.709Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-06-06T06:42:54.692Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The WP-Addpub plugin for WordPress is vulnerable to SQL Injection via the 'wp-addpub' shortcode in all versions up to, and including, 1.2.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."}, {"lang": "es", "value": "El complemento WP-Addpub para WordPress es vulnerable a la inyecci\u00f3n SQL mediante el shortcode 'wp-addpub' en todas las versiones hasta la 1.2.8 incluida, debido a un escape insuficiente del par\u00e1metro proporcionado por el usuario y a la falta de preparaci\u00f3n de la consulta SQL existente. Esto permite a atacantes autenticados, con acceso de colaborador o superior, a\u00f1adir consultas SQL adicionales a las consultas ya existentes, las cuales pueden utilizarse para extraer informaci\u00f3n confidencial de la base de datos."}], "id": "CVE-2025-5563", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-06-06T07:15:29.503", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/wp-addpub/trunk/wp-addpub.php#L541"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/wp-addpub/trunk/wp-addpub.php#L57"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f8945eed-eee4-4043-b6ab-d1ea553a4a23?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-20T22:35:44.751969+00:00", "value": {"mitigation_remediation": ["Upgrade WP\u2011Addpub to a patched version that removes the SQL injection vulnerability", "Restrict the ability of Contributor\u2011level users (or lower) to use the 'wp-addpub' shortcode by adjusting role capabilities or employing a plugin that blocks shortcode usage for non-admins", "Audit the database for evidence of unauthorized data access and enforce strict least\u2011privilege database credentials to minimize damage from any potential legacy injections"], "summary": {"action": "Apply patch", "impact": "Data theft via SQL injection for authenticated contributors"}, "threat_synthesis": {"affected_systems": "WordPress sites using the WP\u2011Addpub plugin (vendor cyberscorp) with any release version 1.2.8 or earlier are affected. No further version specifics are listed.", "description_and_impact": "The WP-Addpub plugin for WordPress, versions up to 1.2.8, contains an SQL Injection flaw triggered by the 'wp-addpub' shortcode. The plugin fails to escape the user-supplied parameter and does not prepare the SQL statement, enabling an attacker with Contributor\u2011level access or higher to inject additional SQL queries into existing database calls. This can result in the exfiltration of sensitive data from the WordPress database, compromising confidentiality.", "risk_and_exploitability": "The vulnerability has a CVSS score of 6.5, indicating moderate severity, and an EPSS score of less than 1%, implying a low current exploitation probability. It is not listed in CISA\u2019s KEV catalog. The likely attack vector involves an authenticated user embedding a malicious shortcode within a post or page; the bounty of data extraction hinges on the attacker\u2019s ability to contribute content to the site."}}}}, "created": "2026-04-20T22:45:20.541976+00:00", "updated": "2026-04-20T22:45:20.541989+00:00", "vendors": []}