
CVE-2025-10144: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in quadlayers Perfect Brands for WooCommerce

Severity: Medium
Published: Mon Nov 24 2025 (11/24/2025, 22:28:24 UTC)
Source: CVE Database V5
Vendor/Project: quadlayers
Product: Perfect Brands for WooCommerce

Description

The Perfect Brands for WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the `brands` attribute of the `products` shortcode in all versions up to, and including, 3.6.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

AI-Powered Analysis

Last updated: 11/24/2025, 22:32:31 UTC

Technical Analysis

CVE-2025-10144 identifies a time-based SQL Injection vulnerability in the Perfect Brands for WooCommerce plugin for WordPress, present in all versions up to and including 3.6.2. The vulnerability stems from improper neutralization of special elements used in SQL commands (CWE-89), specifically due to insufficient escaping and lack of prepared statements on the 'brands' attribute within the 'products' shortcode. Authenticated attackers with Contributor-level privileges or higher can exploit this flaw by injecting malicious SQL code into the 'brands' parameter, which is concatenated directly into SQL queries without adequate sanitization. This enables attackers to append additional SQL queries, facilitating extraction of sensitive information from the backend database via time-based blind SQL Injection techniques. The vulnerability does not require user interaction but does require authenticated access, limiting exposure to users with some level of site privileges. The CVSS v3.1 score is 6.5 (medium), reflecting network attack vector, low attack complexity, privileges required, no user interaction, unchanged scope, high confidentiality impact, and no integrity or availability impact. No known exploits have been reported in the wild yet. The vulnerability affects all plugin versions up to 3.6.2, and no official patches have been published at the time of reporting. The flaw poses a significant confidentiality risk, potentially exposing customer data, credentials, or other sensitive e-commerce information stored in the WordPress database. The issue is particularly critical in environments where multiple users have contributor or higher roles, increasing the attack surface. The vulnerability highlights the importance of proper input validation, use of parameterized queries, and least privilege principles in WordPress plugin development.

Potential Impact

For European organizations, this vulnerability could lead to unauthorized disclosure of sensitive customer and business data stored in WooCommerce databases, including personal information, order details, and potentially payment-related data if stored insecurely. The attack requires authenticated access with Contributor-level privileges, which may be common in collaborative e-commerce environments. Exploitation could undermine customer trust, violate GDPR data protection requirements, and lead to regulatory penalties if personal data is compromised. Additionally, data leakage could facilitate further attacks such as phishing or account takeover. The lack of integrity or availability impact limits direct disruption, but confidentiality breaches alone can have severe reputational and financial consequences. Organizations with large e-commerce operations or those handling sensitive customer data are at higher risk. The vulnerability also increases insider threat risks, as malicious or compromised contributors could exploit it. Given the widespread use of WooCommerce across Europe, the potential impact is significant, especially for SMEs and enterprises relying on this plugin for brand management and product display.

Mitigation Recommendations

1. Monitor quadlayers’ official channels for security patches and apply updates promptly once available.
2. Until a patch is released, restrict Contributor-level and higher privileges to trusted users only, minimizing the number of accounts that can exploit this vulnerability.
3. Implement Web Application Firewall (WAF) rules to detect and block suspicious SQL injection patterns targeting the 'brands' parameter in the 'products' shortcode.
4. Conduct a thorough audit of user roles and permissions in WordPress to enforce the principle of least privilege.
5. If feasible, apply custom input validation and sanitization on the 'brands' attribute by modifying the plugin code or using hooks to enforce strict parameter handling and prevent injection.
6. Enable detailed logging and monitoring of database queries and application logs to detect anomalous access or time-based delays indicative of SQL injection attempts.
7. Educate content contributors about security best practices and the risks of SQL injection to reduce accidental misuse.
8. Consider isolating the WooCommerce database or using database user accounts with limited read-only access for frontend queries to minimize data exposure in case of injection.
9. Regularly back up databases and test restoration procedures to ensure data integrity in case of compromise.
10. Review and update incident response plans to include scenarios involving SQL injection attacks targeting WordPress plugins.
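As an added illustration of the weak pattern the analysis describes (a shortcode attribute spliced into SQL) beside the corrected form that recommendation 5 asks for. This is example code, not the plugin's own: the taxonomy name, function names and query shape are assumptions.

```php
<?php
// Added illustration, not the plugin's code: a simplified handler for a
// `brands` shortcode attribute that filters products by brand slug.
// The taxonomy name and function names are assumptions for this example.

const EXAMPLE_BRAND_TAXONOMY = 'example_brand_taxonomy'; // assumed name

// Vulnerable pattern: the attribute text is spliced into the SQL string.
// A quote character inside `brands` changes the query structure, which is
// the CWE-89 condition the advisory describes.
function example_products_vulnerable( $atts ) {
    global $wpdb;
    $atts = shortcode_atts( array( 'brands' => '' ), $atts, 'products' );
    $list = "'" . implode( "','", explode( ',', $atts['brands'] ) ) . "'";
    return $wpdb->get_results(
        "SELECT p.ID FROM {$wpdb->posts} p
         INNER JOIN {$wpdb->term_relationships} tr ON tr.object_id = p.ID
         INNER JOIN {$wpdb->term_taxonomy} tt ON tt.term_taxonomy_id = tr.term_taxonomy_id
         INNER JOIN {$wpdb->terms} t ON t.term_id = tt.term_id
         WHERE tt.taxonomy = '" . EXAMPLE_BRAND_TAXONOMY . "' AND t.slug IN ({$list})"
    );
}

// Hardened pattern: normalise every value to a term slug, then bind each
// one through $wpdb->prepare() so user input never reaches the SQL text.
function example_products_hardened( $atts ) {
    global $wpdb;
    $atts  = shortcode_atts( array( 'brands' => '' ), $atts, 'products' );
    $slugs = array_values( array_filter(
        array_map( 'sanitize_title', explode( ',', $atts['brands'] ) )
    ) );
    if ( empty( $slugs ) ) {
        return array();
    }
    // One %s placeholder per slug; prepare() quotes and escapes each value.
    $placeholders = implode( ',', array_fill( 0, count( $slugs ), '%s' ) );
    $sql = $wpdb->prepare(
        "SELECT p.ID FROM {$wpdb->posts} p
         INNER JOIN {$wpdb->term_relationships} tr ON tr.object_id = p.ID
         INNER JOIN {$wpdb->term_taxonomy} tt ON tt.term_taxonomy_id = tr.term_taxonomy_id
         INNER JOIN {$wpdb->terms} t ON t.term_id = tt.term_id
         WHERE tt.taxonomy = %s AND t.slug IN ({$placeholders})",
        array_merge( array( EXAMPLE_BRAND_TAXONOMY ), $slugs )
    );
    return $wpdb->get_results( $sql );
}
```

Where the query shape allows it, a WP_Query with a tax_query avoids hand-written SQL altogether and is the simpler fix.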


Technical Details

Data Version: 5.2
Assigner Short Name: Wordfence
Date Reserved: 2025-09-08T20:54:34.933Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 6924dcee8d8147e89432b4e0

Added to database: 11/24/2025, 10:32:14 PM

Last enriched: 11/24/2025, 10:32:31 PM

Last updated: 11/25/2025, 1:13:23 AM
