{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-69338", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2025-12-31T20:12:23.433Z", "datePublished": "2026-03-05T05:53:31.406Z", "dateUpdated": "2026-04-28T20:54:06.365Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://themeforest.net", "defaultStatus": "unaffected", "packageName": "riode-core", "product": "Riode Core", "vendor": "don-themes", "versions": [{"changes": [{"at": "1.6.27", "status": "unaffected"}], "lessThanOrEqual": "1.6.26", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Jo\u00e3o Pedro S Alc\u00e2ntara (Kinorth) | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-01T16:03:45.404Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in don-themes Riode Core riode-core allows Blind SQL Injection.<p>This issue affects Riode Core: from n/a through <= 1.6.26.</p>"}], "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in don-themes Riode Core riode-core allows Blind SQL Injection.This issue affects Riode Core: from n/a through <= 1.6.26."}], "impacts": [{"capecId": "CAPEC-7", "descriptions": [{"lang": "en", "value": "Blind SQL Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:14:37.935Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/riode-core/vulnerability/wordpress-riode-core-plugin-1-6-26-sql-injection-vulnerability?_s_id=cve"}], "title": "WordPress Riode Core plugin <= 1.6.26 - SQL Injection vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-05T15:10:05.992504Z", "id": "CVE-2025-69338", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T20:54:06.365Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.3, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-69338", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-05T15:10:05.992504Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-05T15:09:21.061Z"}}], "cna": {"title": "WordPress Riode Core plugin <= 1.6.26 - SQL Injection vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "Jo\u00e3o Pedro S Alc\u00e2ntara (Kinorth) | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-7", "descriptions": [{"lang": "en", "value": "Blind SQL Injection"}]}], "affected": [{"vendor": "don-themes", "product": "Riode Core", "versions": [{"status": "affected", "changes": [{"at": "1.6.27", "status": "unaffected"}], "version": "0", "versionType": "custom", "lessThanOrEqual": "1.6.26"}], "packageName": "riode-core", "collectionURL": "https://themeforest.net", "defaultStatus": "unaffected"}], "datePublic": "2026-04-01T16:03:45.404Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/riode-core/vulnerability/wordpress-riode-core-plugin-1-6-26-sql-injection-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in don-themes Riode Core riode-core allows Blind SQL Injection.This issue affects Riode Core: from n/a through <= 1.6.26.", "supportingMedia": [{"type": "text/html", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in don-themes Riode Core riode-core allows Blind SQL Injection.<p>This issue affects Riode Core: from n/a through <= 1.6.26.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-01T14:13:18.319Z"}}}, "cveMetadata": {"cveId": "CVE-2025-69338", "state": "PUBLISHED", "dateUpdated": "2026-04-01T14:13:18.319Z", "dateReserved": "2025-12-31T20:12:23.433Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-03-05T05:53:31.406Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in don-themes Riode Core riode-core allows Blind SQL Injection.This issue affects Riode Core: from n/a through <= 1.6.26."}, {"lang": "es", "value": "Neutralizaci\u00f3n Incorrecta de Elementos Especiales utilizados en un Comando SQL ('Inyecci\u00f3n SQL') vulnerabilidad en don-themes Riode Core riode-core permite Inyecci\u00f3n SQL Ciega. Este problema afecta a Riode Core: desde n/a hasta &lt;= 1.6.26."}], "id": "CVE-2025-69338", "lastModified": "2026-04-22T21:26:58.303", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.7, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-05T06:16:12.403", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/riode-core/vulnerability/wordpress-riode-core-plugin-1-6-26-sql-injection-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.6.26]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[1.6.27,*]"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Riode Core", "source": "cna", "vendor": "don-themes"}, "product": "riode", "vendor": "don-themes"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-27T20:04:13.302854+00:00", "value": {"mitigation_remediation": ["Upgrade Riode Core to a version newer than 1.6.26, if available.", "If an upgrade is not immediately possible, disable or remove the Riode Core plugin from the WordPress installation.", "Implement input validation and proper parameterized queries in any custom development that interacts with the plugin\u2019s database queries."], "summary": {"action": "Immediate Patch", "impact": "Database Compromise via Blind SQL Injection"}, "threat_synthesis": {"affected_systems": "The vulnerability affects Riode Core for WordPress from unknown initial releases through version 1.6.26. Any website that is running a version of the plugin up to and including 1.6.26 is at risk. The affected product is provided by don\u2011themes and is commonly used as a theme framework for WordPress sites.", "description_and_impact": "don-themes Riode Core plugin contains an improper neutralization of special elements used in an SQL command. The flaw, identified as a blind SQL injection (CWE-89), permits an attacker to inject malicious queries into the database. Depending on the database privileges granted to the application, the attacker could extract sensitive data, modify records, or in worst\u2011case scenarios, execute arbitrary commands on the underlying server.", "risk_and_exploitability": "The CVSS score of 9.3 classifies this flaw as critical. The EPSS indicates a very low likelihood of exploitation (less than 1%), and it is not yet listed in the CISA KEV catalog. Nonetheless, a blind SQL injection can be performed remotely via crafted HTTP requests to the plugin\u2019s administrative or front\u2011end endpoints. Attackers need no special credentials; they only require the ability to inject payloads into the plugin\u2019s query parameters. Given the potential for data exfiltration, the risk for affected sites remains significant."}}}}, "created": "2026-03-06T15:17:38.108354+00:00", "updated": "2026-04-27T20:15:12.262971+00:00", "vendors": ["don-themes", "don-themes$PRODUCT$riode", "wordpress", "wordpress$PRODUCT$wordpress"]}