
CVE-2025-10003: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in stiofansisland UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP

Severity: Medium
Tags: Vulnerability, CVE-2025-10003, cve, cwe-89
Published: Sat Sep 06 2025 (09/06/2025, 02:24:19 UTC)
Source: CVE Database V5
Vendor/Project: stiofansisland
Product: UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP

Description

The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress is vulnerable to time-based SQL Injection via the 'upload_file_remove' function and the 'htmlvar' parameter in all versions up to, and including, 1.2.44, due to insufficient escaping of the user-supplied parameter and lack of sufficient preparation of the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries to already existing queries, which can be used to extract sensitive information from the database.

AI-Powered Analysis

Last updated: 09/06/2025, 02:43:17 UTC

Technical Analysis

CVE-2025-10003 is a medium-severity SQL Injection vulnerability in the UsersWP WordPress plugin, affecting all versions up to and including 1.2.44. The plugin provides front-end login forms, user registration, user profile management, and a members directory for WordPress sites. The vulnerability stems from improper neutralization of special elements in SQL commands (CWE-89) in the 'upload_file_remove' function and its 'htmlvar' parameter: user-supplied input is insufficiently escaped and the query is not properly prepared, so unauthenticated attackers can inject SQL into it. The injection is time-based, meaning an attacker infers data by measuring response delays, which allows extraction of sensitive database information without authentication or user interaction. The CVSS 3.1 score is 6.5 (medium), reflecting a network attack vector, low attack complexity, low privileges required, no user interaction, and an impact on confidentiality but not on integrity or availability. No exploits in the wild have been reported, and no patch has been linked yet. Site administrators running this plugin should assess their exposure and apply mitigations promptly.

Potential Impact

For European organizations, this vulnerability poses a significant risk to WordPress sites that use the UsersWP plugin. Exploitation can lead to unauthorized disclosure of sensitive user data stored in the database, such as names, e-mail addresses, and other profile details. This can result in privacy breaches that violate the GDPR, with potential legal penalties and reputational damage. Extracted data could also be used in follow-on attacks such as phishing or identity theft. Since the vulnerability does not directly affect data integrity or availability, the primary concern is loss of confidentiality. However, the ease of exploitation without authentication raises the threat level, especially for organizations with public-facing WordPress sites that rely on this plugin. The absence of known exploits in the wild suggests limited active exploitation so far, but a vulnerability in a popular CMS plugin is a likely target once it is publicized.

Mitigation Recommendations

1. Update the UsersWP plugin to a patched version as soon as one is available. Until then, consider disabling or removing the plugin if feasible.
2. Implement Web Application Firewall (WAF) rules that target SQL injection patterns in requests to the 'upload_file_remove' function and its 'htmlvar' parameter, to block malicious requests.
3. Apply input validation and sanitization at the application level, ensuring that all user input is properly escaped or parameterized before it reaches a database query.
4. Monitor web server and database logs for unusual query patterns or repeated access attempts against the vulnerable endpoint.
5. Restrict database user permissions to the minimum necessary to limit the impact of a successful SQL injection.
6. Conduct regular security assessments and penetration tests that focus on WordPress plugins and custom code, to detect similar vulnerabilities.
7. Educate site administrators about the risks of outdated plugins and the importance of timely updates.
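As an added illustration of the defect class the description names, and of the application-level fix in recommendation 3, here is a hypothetical WordPress AJAX handler that interpolates an `htmlvar` request parameter straight into SQL, beside the same handler rewritten to validate the value and bind it through `$wpdb->prepare()`. This is example code written for this page, not UsersWP code (the page does not show the plugin's source); the function names and the `example_user_meta` table are assumptions.

```php
<?php
// Hypothetical handlers, NOT UsersWP code: they illustrate the CWE-89 pattern
// the advisory describes and the WordPress idiom that closes it.

// Vulnerable form: the 'htmlvar' parameter is interpolated into the query
// string. Nothing escapes it and the query is never prepared, so any SQL
// syntax in the parameter becomes part of the statement the server runs.
function example_remove_file_vulnerable() {
    global $wpdb;
    $htmlvar = isset( $_POST['htmlvar'] ) ? $_POST['htmlvar'] : '';
    $user_id = get_current_user_id();
    // Assumed table name, for illustration only.
    $table = $wpdb->prefix . 'example_user_meta';
    $sql   = "SELECT meta_value FROM {$table}"
           . " WHERE user_id = {$user_id} AND meta_key = '{$htmlvar}'";
    return $wpdb->get_var( $sql );
}

// Hardened form: reduce the field name to the shape the application expects
// (sanitize_key keeps only lowercase letters, digits, '_' and '-'), reject an
// empty result, and bind every variable through $wpdb->prepare() so the
// database receives it as data rather than as SQL text.
function example_remove_file_hardened() {
    global $wpdb;
    $htmlvar = isset( $_POST['htmlvar'] )
        ? sanitize_key( wp_unslash( $_POST['htmlvar'] ) )
        : '';
    if ( '' === $htmlvar ) {
        wp_send_json_error( 'invalid field', 400 );
    }
    $user_id = get_current_user_id();
    $table   = $wpdb->prefix . 'example_user_meta';
    // %d and %s placeholders: the table name comes from $wpdb->prefix, never
    // from the request, so interpolating it here is safe.
    $sql = $wpdb->prepare(
        "SELECT meta_value FROM {$table} WHERE user_id = %d AND meta_key = %s",
        $user_id,
        $htmlvar
    );
    return $wpdb->get_var( $sql );
}
```

The same two-step shape (validate to an allow-listed form, then bind) is what recommendation 3 asks for; a WAF rule under recommendation 2 only narrows exposure until the query itself is prepared.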


Technical Details

Data Version: 5.1
Assigner Short Name: Wordfence
Date Reserved: 2025-09-04T18:27:06.623Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 68bb9c18535f4a97731dab4f

Added to database: 9/6/2025, 2:27:36 AM

Last enriched: 9/6/2025, 2:43:17 AM

Last updated: 9/7/2025, 6:16:33 PM
