CVE-2025-54720: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in SteelThemes Nest Addons

Severity: Critical
Published: Thu Aug 28 2025 (08/28/2025, 12:37:36 UTC)
Source: CVE Database V5
Vendor/Project: SteelThemes
Product: Nest Addons

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SteelThemes Nest Addons allows SQL Injection. This issue affects Nest Addons: from n/a through 1.6.3.

AI-Powered Analysis

Last updated: 08/28/2025, 13:18:54 UTC

Technical Analysis

CVE-2025-54720 is a critical SQL injection vulnerability (CWE-89) affecting the SteelThemes Nest Addons plugin, versions up to and including 1.6.3. It arises from improper neutralization of special elements in SQL commands, allowing an unauthenticated remote attacker to inject SQL code via crafted input. The vulnerability has a CVSS v3.1 base score of 9.3, a critical severity level. The vector metrics (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L) show that exploitation requires no privileges or user interaction and can be performed remotely over the network. The scope is changed (S:C), meaning the impact reaches resources beyond the vulnerable component itself. Successful exploitation leads to a complete loss of confidentiality, allowing attackers to read sensitive database contents; integrity is not affected and the availability impact is low. No known exploits are currently reported in the wild, and no patches have been linked yet. The vulnerability was reserved on July 28, 2025, and published on August 28, 2025. The affected product, Nest Addons, is a plugin likely used in WordPress or similar CMS environments to extend functionality, making it a common target for web-based attacks. Its criticality stems from the ease of exploitation, the lack of required privileges, and the potential to expose sensitive data across the affected systems.

Potential Impact

For European organizations, this vulnerability poses a significant risk, especially for those using the Nest Addons plugin in their web infrastructure. Exploitation could lead to unauthorized disclosure of sensitive customer data, intellectual property, or internal business information stored in backend databases. This can result in regulatory non-compliance, particularly under GDPR, which mandates strict data protection and breach notification requirements. The exposure of confidential data could lead to reputational damage, financial penalties, and loss of customer trust. Additionally, the vulnerability could be leveraged as a foothold for further attacks, such as lateral movement within networks or deployment of ransomware. Given the plugin’s likely use in content management systems, many SMEs and larger enterprises across Europe could be affected, especially those with public-facing websites relying on this plugin for enhanced functionality.

Mitigation Recommendations

European organizations should immediately audit their web environments to identify installations of SteelThemes Nest Addons, particularly versions up to 1.6.3. Until an official patch is released, organizations should consider the following mitigations:

1) Disable or remove the Nest Addons plugin if it is not essential to business operations.
2) Implement Web Application Firewalls (WAFs) with custom rules to detect and block SQL injection attempts targeting the plugin's known vulnerable endpoints or parameters.
3) Employ input validation and sanitization at the application level to neutralize special characters in user inputs.
4) Monitor web server and database logs for unusual query patterns or error messages indicative of injection attempts.
5) Restrict database user permissions to the minimum necessary, avoiding use of highly privileged accounts for web applications.
6) Prepare for rapid deployment of patches once available by maintaining an up-to-date asset inventory and change management process.
7) Conduct security awareness training for developers and administrators on secure coding and plugin management practices.

Technical Details

Data Version: 5.1
Assigner Short Name: Patchstack
Date Reserved: 2025-07-28T10:56:24.796Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 68b05381ad5a09ad006cfd6d

Added to database: 8/28/2025, 1:02:57 PM

Last enriched: 8/28/2025, 1:18:54 PM

Last updated: 9/1/2025, 12:34:19 AM