CVE-2025-10047: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in pmbaldha Email Tracker – Email Log, Email Open Tracking, Email Analytics & Email Management for WordPress Emails
The Email Tracker – Email Log, Email Open Tracking, Email Analytics & Email Management for WordPress Emails plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter in all versions up to, and including, 5.3.12 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
AI Analysis
Technical Summary
CVE-2025-10047 is an SQL Injection vulnerability classified under CWE-89 affecting the 'Email Tracker – Email Log, Email Open Tracking, Email Analytics & Email Management for WordPress Emails' plugin developed by pmbaldha. The vulnerability arises from improper neutralization of special elements in the 'orderby' parameter used in SQL queries. Specifically, the plugin fails to adequately escape or prepare the user-supplied 'orderby' parameter before incorporating it into SQL commands. This flaw exists in all versions up to and including 5.3.12. An attacker with authenticated Administrator-level access can exploit this vulnerability by injecting additional SQL statements into the existing query, enabling unauthorized extraction of sensitive data from the WordPress database. The vulnerability does not affect integrity or availability but compromises confidentiality by exposing sensitive information. Exploitation requires no user interaction but does require high privileges, restricting the attack surface to trusted users or compromised administrator accounts. No public exploits have been reported yet, but the vulnerability's presence in a widely used WordPress plugin makes it a significant concern. The CVSS v3.1 base score is 4.9, reflecting medium severity due to network attack vector, low attack complexity, and high privileges required.
Potential Impact
The primary impact of CVE-2025-10047 is unauthorized disclosure of sensitive information stored in the WordPress database, which may include user data, email logs, analytics, and other confidential content managed by the plugin. This can lead to privacy violations, data breaches, and potential compliance issues for organizations handling personal or regulated data. Since exploitation requires Administrator-level access, the threat is particularly severe if an attacker gains or already holds such privileges, potentially via credential compromise or insider threats. The vulnerability does not directly affect data integrity or system availability, but the leakage of sensitive data can undermine trust and lead to reputational damage. Organizations relying on this plugin for email tracking and analytics are at risk of data exposure, which could be leveraged for further attacks such as phishing or social engineering. The global reach of WordPress and the plugin's user base means that organizations worldwide, especially those with large WordPress deployments, are potentially affected.
Mitigation Recommendations
1. Immediate mitigation involves restricting Administrator-level access to trusted personnel only and enforcing strong authentication mechanisms such as multi-factor authentication (MFA) to reduce the risk of credential compromise.
2. Monitor database query logs for unusual or unexpected SQL commands that could indicate attempted injection.
3. Apply the principle of least privilege to WordPress roles, limiting the number of users with Administrator privileges.
4. If available, update the plugin to a patched version that properly sanitizes and prepares the 'orderby' parameter to prevent SQL Injection. If no patch is currently available, consider disabling or replacing the plugin temporarily.
5. Implement Web Application Firewall (WAF) rules that detect and block SQL Injection patterns targeting the 'orderby' parameter.
6. Conduct regular security audits and code reviews for custom plugins or themes to ensure secure coding practices.
7. Back up WordPress databases regularly and securely to enable recovery in case of compromise.
8. Educate administrators about the risks of SQL Injection and the importance of secure plugin management.
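As an added illustration (not the plugin's own code, which this advisory does not show), the pattern the Technical Summary describes, an 'orderby' request value concatenated into an ORDER BY clause, beside a hardened version that maps the value onto an allow-list of column names and only binds real values through $wpdb->prepare(); the table and column names are hypothetical.

```php
<?php
// Added example, not code from the Email Tracker plugin. Assumes WordPress'
// global $wpdb and a hypothetical table "{$wpdb->prefix}email_log".

// UNSAFE: the request value lands in the query as an identifier. A %s
// placeholder in $wpdb->prepare() would quote it as a string literal and
// break the ORDER BY, and esc_sql() only escapes string-literal metacharacters,
// so neither protects an identifier; the value is effectively unfiltered SQL.
function email_log_unsafe( $orderby, $order ) {
    global $wpdb;
    $table = $wpdb->prefix . 'email_log';
    return $wpdb->get_results( "SELECT * FROM {$table} ORDER BY {$orderby} {$order}" );
}

// HARDENED: accept only known column names and ASC/DESC; anything else falls
// back to a safe default instead of reaching the query.
function email_log_safe_orderby( $orderby, $order ) {
    $allowed = array( 'id', 'sent_at', 'to_email', 'subject', 'status' ); // hypothetical
    $orderby = in_array( $orderby, $allowed, true ) ? $orderby : 'id';
    $order   = ( 'ASC' === strtoupper( (string) $order ) ) ? 'ASC' : 'DESC';
    return array( $orderby, $order );
}

function email_log_safe( $orderby, $order, $limit = 20 ) {
    global $wpdb;
    list( $orderby, $order ) = email_log_safe_orderby( $orderby, $order );
    $table = $wpdb->prefix . 'email_log';
    // Identifiers come from the allow-list (WordPress 6.2+ also offers the %i
    // identifier placeholder); the only user-controlled value, the row limit,
    // is bound with %d.
    $sql = $wpdb->prepare(
        "SELECT * FROM `{$table}` ORDER BY `{$orderby}` {$order} LIMIT %d",
        (int) $limit
    );
    return $wpdb->get_results( $sql );
}

// Typical admin-page call site: gate on capability, then read the request
// parameters through WordPress' unslash/sanitize helpers before validation.
function email_log_admin_rows() {
    if ( ! current_user_can( 'manage_options' ) ) {
        return array();
    }
    $orderby = sanitize_text_field( wp_unslash( $_GET['orderby'] ?? 'id' ) );
    $order   = sanitize_text_field( wp_unslash( $_GET['order'] ?? 'DESC' ) );
    return email_log_safe( $orderby, $order );
}
```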
Affected Countries
United States, Germany, United Kingdom, Canada, Australia, France, India, Brazil, Japan, Netherlands, Italy, Spain
Technical Details
- Data Version: 5.1
- Assigner Short Name: Wordfence
- Date Reserved: 2025-09-05T18:41:12.227Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 68f897afd59611fbd96978c9
Added to database: 10/22/2025, 8:37:03 AM
Last enriched: 2/27/2026, 6:03:12 PM
Last updated: 3/24/2026, 5:45:34 PM