CVE-2025-27312

CVSS 3.1 Score 8.5 of 10 (high)

Details

Published Feb 24, 2025

CWE ID 89

Summary

CVE-2025-27312 is a vulnerability affecting the Jenst WP Sitemap plugin for WordPress. It involves an SQL Injection issue where special elements in SQL commands are not properly neutralized. This weakness allows attackers to inject malicious SQL commands and potentially access sensitive data or take control of the affected website. The vulnerability affects WP Sitemap versions from n/a through 1.0. Users are strongly advised to update their plugin to a secure version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3lypZl
https://www.cve.org/CVERecord?id=CVE-2025-27312
https://nvd.nist.gov/vuln/detail/CVE-2025-27312

Back to Vulnerability Database

CVE-2025-27312

CVSS 3.1 Score 8.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations