CVE-2025-23931

Published Jan 22, 2025

Last updated a month ago

CVSS critical 9.3

Overview

Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound WordPress Local SEO allows Blind SQL Injection. This issue affects WordPress Local SEO: from n/a through 2.3.
Source
audit@patchstack.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
9.3
Impact score
4.7
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
Severity
CRITICAL

Weaknesses

audit@patchstack.com
CWE-89

Social media

Hype score
Not currently trending

  1. [CVE-2025-23931: CRITICAL] Vulnerability in NotFound WordPress Local SEO plugin allows Blind SQL Injection, affecting versions up to 2.3. Ensure cybersecurity measures are updated promptly.#cybersecurity,#vulnerability https://t.co/qqSpKZZftI https://t.co/OwwprCpDX0

    @CveFindCom

    22 Jan 2025

    40 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References