CVE-2025-23779

Severity: High
Published: 16 January 2025
Modified: 23 April 2026
KEV Added: not listed
Patch: no patch link given on this page
CVSS Score v3.1: 7.6 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L)
EPSS Score: 0.0026 (50.0th percentile)
Risk Priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-23779 is a high-severity SQL Injection (CWE-89) vulnerability. Its CVSS base score is 7.6 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 50.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-23779 is an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability, classified under CWE-89, affecting the ResAds WordPress plugin developed by web-mv. The issue impacts ResAds versions from unknown initial release through 2.0.5, allowing SQL Injection via the resads component.

Attackers who already hold high privileges (PR:H) can exploit this vulnerability remotely over the network (AV:N) with low attack complexity (AC:L) and no user interaction (UI:N). Exploitation changes scope (S:C), enabling high confidentiality impact (C:H) such as unauthorized data access, with no integrity impact (I:N) and low availability impact (A:L), resulting in a CVSS v3.1 base score of 7.6.

The Patchstack advisory provides details on this WordPress ResAds plugin vulnerability, including mitigation recommendations for versions up to 2.0.5, available at https://patchstack.com/database/Wordpress/Plugin/resads/vulnerability/wordpress-resads-plugin-2-0-5-sql-injection-vulnerability?_s_id=cve.

Vulnerability details

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in web-mv ResAds resads allows SQL Injection. This issue affects ResAds: from n/a through <= 2.0.5.

CWE(s)

CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Related Threats

MITRE ATT&CK Enterprise Techniques

- T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
- T1213.006 Databases (Collection): Adversaries may leverage databases to mine valuable information.

Why these techniques?

SQL Injection in public-facing WordPress plugin directly enables exploitation of the web application (T1190) and facilitates unauthorized database queries for data collection (T1213.006).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

- CVE-2019-25537 (shared CWE-89)
- CVE-2019-25366 (shared CWE-89)
- CVE-2019-25496 (shared CWE-89)
- CVE-2026-1475 (shared CWE-89)
- CVE-2026-26990 (shared CWE-89)
- CVE-2026-44047 (shared CWE-89)
- CVE-2025-12865 (shared CWE-89)
- CVE-2024-11135 (shared CWE-89)
- CVE-2019-25491 (shared CWE-89)
- CVE-2024-13369 (shared CWE-89)

Affected Assets

ResAds WordPress plugin by web-mv (resads component), versions from n/a through 2.0.5.

Mitigating Controls (NIST 800-53 r5)

- SI-10 Information Input Validation (prevent): Directly requires validation of all information inputs, including those to SQL commands in the ResAds plugin, to neutralize special elements and prevent SQL injection exploitation.
- SI-2 Flaw Remediation (prevent): Mandates timely flaw remediation, such as patching the vulnerable ResAds plugin versions up to 2.0.5, to eliminate the SQL injection vulnerability.
- Vulnerability scanning (detect): Requires vulnerability scanning to identify SQL injection flaws like CVE-2025-23779 in web plugins, enabling proactive remediation.
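The following is an added illustration of what the SI-10 control above means in WordPress plugin code. It is not code from the ResAds plugin (the advisory does not publish the affected query), and the table, column and function names are invented; it assumes it runs inside WordPress, where `$wpdb`, `absint()`, `sanitize_text_field()` and `$wpdb->esc_like()` are available. It shows the generic unsafe pattern that CWE-89 findings in plugins usually reduce to, beside the typed-placeholder and allow-list forms that neutralize it.

```php
<?php
// Added example, not ResAds code. Table/column names are invented.
// Assumes the WordPress runtime: $wpdb, absint(), sanitize_text_field().

// UNSAFE pattern: request data interpolated straight into the SQL text.
// Anything in ad_id that contains quote or comment characters changes the
// shape of the statement instead of being treated as a value (CWE-89).
function demo_get_ad_unsafe() {
    global $wpdb;
    $id = $_GET['ad_id'];                                    // untrusted input
    return $wpdb->get_row( "SELECT * FROM {$wpdb->prefix}demo_ads WHERE id = $id" );
}

// HARDENED (SI-10): validate the type first, then bind with a placeholder.
function demo_get_ad_safe() {
    global $wpdb;

    // Step 1: enforce the expected type before the value goes near SQL.
    $id = isset( $_GET['ad_id'] ) ? absint( $_GET['ad_id'] ) : 0;
    if ( 0 === $id ) {
        return null;                                         // reject, do not guess
    }

    // Step 2: %d is an integer placeholder; $wpdb->prepare() binds the value
    // so it can never be parsed as SQL syntax.
    $sql = $wpdb->prepare(
        "SELECT id, title, status FROM {$wpdb->prefix}demo_ads WHERE id = %d",
        $id
    );
    return $wpdb->get_row( $sql );
}

// Identifiers (e.g. the column in ORDER BY) cannot be bound by prepare();
// the safe approach is an allow-list. Free text goes through %s, with LIKE
// wildcards escaped so the caller cannot widen the pattern.
function demo_list_ads_safe( $orderby_param, $search_param ) {
    global $wpdb;

    $allowed_columns = array( 'id', 'title', 'created_at' );
    $orderby = in_array( $orderby_param, $allowed_columns, true ) ? $orderby_param : 'id';

    $term = '%' . $wpdb->esc_like( sanitize_text_field( $search_param ) ) . '%';

    // $orderby is interpolated only because it was chosen from the fixed list
    // above; every user-controlled *value* is still bound through %s.
    $sql = $wpdb->prepare(
        "SELECT id, title FROM {$wpdb->prefix}demo_ads WHERE title LIKE %s ORDER BY $orderby",
        $term
    );
    return $wpdb->get_results( $sql );
}
```

Two points worth keeping in mind when reviewing plugin code against this CVE's vector: PR:H means the vulnerable path is reachable by an already-privileged user, so a capability check such as `current_user_can()` narrows who can reach the query but does not remove the flaw; only binding values and allow-listing identifiers does. And `$wpdb->prepare()` only helps when every untrusted value actually passes through a placeholder; a single interpolated variable, as in `demo_get_ad_unsafe()`, defeats it.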
