
CVE-2025-9322: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in themeisle Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions

Severity: High
Published: Sat Oct 25 2025 (10/25/2025, 06:49:23 UTC)
Source: CVE Database V5
Vendor/Project: themeisle
Product: Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions

Description

The Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions plugin for WordPress is vulnerable to SQL Injection via the 'wpfs-form-name' parameter in all versions up to, and including, 8.3.1 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

AI-Powered Analysis

Last updated: 11/01/2025, 07:21:18 UTC

Technical Analysis

CVE-2025-9322 identifies a critical SQL Injection vulnerability in the 'Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions' WordPress plugin, maintained by themeisle. The vulnerability exists in all versions up to and including 8.3.1 due to insufficient escaping and lack of prepared statements when handling the 'wpfs-form-name' parameter. This parameter is user-supplied and directly incorporated into SQL queries without proper sanitization, enabling attackers to append arbitrary SQL commands. The vulnerability is remotely exploitable over the network without any authentication or user interaction, increasing its risk profile. Successful exploitation allows attackers to extract sensitive information from the backend database, such as payment details, user data, or other confidential records stored by the plugin or WordPress site. Although no public exploits have been reported yet, the vulnerability's characteristics—network accessibility, no authentication required, and high confidentiality impact—make it a prime target for attackers. The CVSS 3.1 base score of 7.5 reflects these factors, with a vector indicating network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), high confidentiality impact (C:H), and no impact on integrity or availability (I:N/A:N). This vulnerability falls under CWE-89, which covers improper neutralization of special elements in SQL commands. The plugin is widely used for processing payments, donations, and subscriptions via Stripe on WordPress sites, making the vulnerability relevant to many e-commerce and fundraising platforms.

Potential Impact

For European organizations, this vulnerability poses a significant risk of unauthorized data disclosure, particularly sensitive payment and personal information processed through the affected WordPress plugin. Exploitation could lead to breaches of GDPR and other data protection regulations, resulting in legal penalties and reputational damage. Organizations relying on this plugin for online payments or donations may experience loss of customer trust and potential financial fraud. Since the vulnerability does not affect integrity or availability directly, attackers are primarily focused on data exfiltration. However, the exposure of payment data can facilitate further attacks such as identity theft or financial fraud. The ease of exploitation without authentication increases the likelihood of automated scanning and exploitation attempts, especially targeting European e-commerce and non-profit sectors. Additionally, compromised sites may be used as pivot points for further attacks within organizational networks. The lack of known exploits in the wild currently provides a window for proactive mitigation before widespread abuse occurs.

Mitigation Recommendations

Immediate mitigation involves updating the 'Stripe Payment Forms by WP Full Pay' plugin to a patched version once released by themeisle. Until a patch is available, organizations should implement strict input validation and sanitization on the 'wpfs-form-name' parameter at the web application level, using web application firewalls (WAFs) to detect and block SQL injection patterns targeting this parameter. Employing parameterized queries or prepared statements in custom code interfacing with the plugin can reduce risk. Monitoring database logs and web server logs for anomalous SQL queries or repeated access attempts to the vulnerable parameter is critical for early detection. Organizations should also conduct security audits of their WordPress environment, ensuring minimal plugin usage and adherence to the principle of least privilege for database accounts. Regular backups and incident response plans should be updated to address potential data breaches. Finally, educating site administrators about the risks and signs of exploitation can enhance organizational readiness.
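As an added example (not code from the advisory, the plugin, or themeisle), the following Python implements the log-monitoring step above: it scans web access-log lines for requests that carry the 'wpfs-form-name' parameter with SQL-injection markers and counts flagged requests per client so repeated probing stands out. It assumes the parameter arrives in the query string (a POST body is not visible in an access log); the request path and the log lines are constructed for the demonstration.

```python
import re
from collections import Counter
from urllib.parse import parse_qs, urlsplit

PARAM = "wpfs-form-name"  # the parameter named in the advisory
# Constructed sample lines in combined access-log format (not real traffic).
# The request path "/" is an assumption; only the parameter name is from the advisory.
SAMPLE_LOG = """\
203.0.113.10 - - [26/Oct/2025:10:01:02 +0000] "GET /?wpfs-form-name=donation-form HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.77 - - [26/Oct/2025:10:01:09 +0000] "GET /?wpfs-form-name=x%27%20UNION%20SELECT%201,2,3--%20- HTTP/1.1" 200 5120 "-" "scanner/1.0"
203.0.113.77 - - [26/Oct/2025:10:01:10 +0000] "GET /?wpfs-form-name=x%27%20AND%20SLEEP(5)--%20- HTTP/1.1" 200 5120 "-" "scanner/1.0"
198.51.100.5 - - [26/Oct/2025:10:02:00 +0000] "GET /contact/ HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*"')
# Classic SQL-injection markers; a value that fires several of them is worth an alert.
SQLI_MARKERS = [
    (re.compile(r"'"), "single quote"),
    (re.compile(r"(--|#|/\*)"), "sql comment"),
    (re.compile(r"\bunion\b.*\bselect\b", re.I), "union select"),
    (re.compile(r"\b(sleep|benchmark)\s*\(", re.I), "time-based function"),
    (re.compile(r"\b(or|and)\b\s+\S+\s*=\s*\S+", re.I), "tautology"),
]

def param_values(line):
    """Return (client ip, decoded values of PARAM) for one log line, or None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    qs = parse_qs(urlsplit(m.group("target")).query, keep_blank_values=True)
    return m.group("ip"), qs.get(PARAM, [])  # parse_qs percent-decodes once

def score_value(value):
    return [name for rx, name in SQLI_MARKERS if rx.search(value)]

def scan_log(text, threshold=2):
    """Return (hits, per_ip): hits = [(ip, value, markers)] for requests whose PARAM
    value fires >= threshold markers; per_ip counts hits per client address."""
    hits, per_ip = [], Counter()
    for line in text.splitlines():
        parsed = param_values(line)
        if not parsed:
            continue
        ip, values = parsed
        for value in values:
            markers = score_value(value)
            if len(markers) >= threshold:
                hits.append((ip, value, markers))
                per_ip[ip] += 1
    return hits, per_ip
```

The same marker list can back a WAF rule or SIEM query; tune the threshold against real traffic so the single-quote marker alone does not flag legitimate form names containing an apostrophe.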


Technical Details

Data Version: 5.1
Assigner Short Name: Wordfence
Date Reserved: 2025-08-21T19:32:17.388Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 68fc745a55d697d32d4390da

Added to database: 10/25/2025, 6:55:22 AM

Last enriched: 11/1/2025, 7:21:18 AM

Last updated: 12/7/2025, 10:55:18 AM

