CVE-2025-22783 is a critical SQL injection vulnerability in the "SEO Plugin by Squirrly SEO" for WordPress, affecting versions 12.4.01 and earlier. Users with Contributor-level access or higher can submit malicious search terms that are incorporated directly into database queries without proper validation, allowing attackers to execute arbitrary SQL commands. The flaw originates from inadequate sanitization of user input in the plugin's internal links management feature. To mitigate this issue, users should update to the latest plugin version and implement stringent input validation measures. For detailed technical insights and a proof of concept, refer to the GitHub repository dedicated to this vulnerability.
GitHub - DoTTak/CVE-2025-22783: PoC of CVE-2025-22783
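The input-handling mitigation described above, as an added example that is not taken from the plugin or from the linked repository: a hypothetical WordPress search handler showing the concatenated query pattern next to a parameterized one. The function names, the query and the 100-character limit are assumptions; the code assumes it runs inside WordPress with `$wpdb` and the core functions loaded.

```php
<?php
// Added example: hypothetical handlers, not Squirrly SEO's code.
// Assumes a loaded WordPress runtime ($wpdb, core functions).

// Weak pattern: the search term becomes part of the SQL text itself,
// so the database parses whatever the user typed as query syntax.
function example_search_links_unsafe( $term ) {
    global $wpdb;
    return $wpdb->get_results(
        "SELECT ID, post_title FROM {$wpdb->posts} WHERE post_title LIKE '%{$term}%'"
    );
}

// Hardened pattern: the term is only ever passed as a bound value.
function example_search_links( $raw_term ) {
    global $wpdb;

    // Contributors hold 'edit_posts', so this check limits who can reach
    // the query but does not replace parameterization below.
    if ( ! current_user_can( 'edit_posts' ) ) {
        return new WP_Error( 'forbidden', 'Insufficient permissions.' );
    }

    // Normalize the input and bound its length (100 is an assumed limit).
    $term = sanitize_text_field( wp_unslash( (string) $raw_term ) );
    if ( '' === $term || strlen( $term ) > 100 ) {
        return array();
    }

    // esc_like() escapes % and _ so they match literally; it does not
    // make the value SQL-safe on its own, prepare() does that.
    $like = '%' . $wpdb->esc_like( $term ) . '%';

    return $wpdb->get_results(
        $wpdb->prepare(
            "SELECT ID, post_title FROM {$wpdb->posts}
             WHERE post_status = %s AND post_title LIKE %s
             ORDER BY post_date DESC LIMIT %d",
            'publish',
            $like,
            20
        )
    );
}
```

When reviewing a plugin for this class of bug, search for `$wpdb->get_results`, `get_var`, `get_row` and `query` calls whose SQL string interpolates a request-derived variable without passing through `$wpdb->prepare()`.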