CVE-2025-5563 is an SQL Injection vulnerability identified in the WP-Addpub plugin for WordPress, affecting all versions up to and including 1.2.8. The root cause is the insufficient escaping of user-supplied input passed through the 'wp-addpub' shortcode and the absence of prepared statements in the SQL queries constructed by the plugin. This flaw allows authenticated users with Contributor-level permissions or higher to append arbitrary SQL commands to existing queries. Because Contributors have limited privileges compared to administrators, the vulnerability is somewhat constrained but still dangerous. Exploiting this vulnerability can enable attackers to extract sensitive information from the WordPress database, such as user credentials, posts, or other confidential data. The vulnerability does not require user interaction and can be exploited remotely over the network. The CVSS 3.1 score of 6.5 reflects a medium severity, with high confidentiality impact but no impact on integrity or availability. No patches or official fixes have been linked yet, and no known exploits have been reported in the wild. The vulnerability is classified under CWE-89 (Improper Neutralization of Special Elements used in an SQL Command), a common and critical web application security issue. The vulnerability was published on June 6, 2025, and assigned by Wordfence.

The primary impact of CVE-2025-5563 is unauthorized disclosure of sensitive information stored in the WordPress database. Attackers with Contributor-level access can leverage this vulnerability to extract data such as user information, posts, or other confidential content, potentially leading to privacy violations, data breaches, and further exploitation. While the vulnerability does not allow modification or deletion of data (no integrity or availability impact), the confidentiality breach alone can be significant for organizations handling sensitive or regulated data. This risk is amplified for websites with multiple contributors or those that allow external users to register with Contributor privileges. The vulnerability could also be leveraged as a foothold for further attacks if sensitive credentials or configuration data are exposed. Organizations relying on WP-Addpub for content management or publication are at risk, especially if they do not restrict contributor access or monitor database queries. The lack of known exploits in the wild suggests limited current exploitation, but the vulnerability's ease of exploitation and network accessibility mean it could be targeted in the future.

1. Immediately restrict Contributor-level permissions to trusted users only until a patch is available. 2. Disable or remove the WP-Addpub plugin if it is not essential to reduce the attack surface. 3. Monitor database logs and web server logs for unusual or suspicious SQL queries that may indicate exploitation attempts. 4. Implement Web Application Firewall (WAF) rules to detect and block SQL Injection patterns targeting the 'wp-addpub' shortcode parameter. 5. Use principle of least privilege for WordPress roles and database user permissions to limit data exposure. 6. Regularly back up WordPress databases and files to enable recovery in case of compromise. 7. Once available, promptly apply official patches or updates from the plugin vendor. 8. Consider employing security plugins that enforce input validation and prepared statements for database queries. 9. Conduct security audits and penetration testing focused on SQL Injection vulnerabilities in WordPress plugins. 10. Educate site administrators and developers about secure coding practices to prevent similar vulnerabilities.