CVE-2025-10635

High

7.7/10

Summary

The Find Me On WordPress plugin through 2.0.9.1 does not sanitize and escape a parameter before using it in a SQL statement, allowing subscribers and above to perform SQL injection attacks

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: CHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: NONE

References

Advisory Timeline

Published Oct 08, 2025

CVE-2025-10635

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS