Platform: wordpress
Component: medinik-core
Fixed in: 1.3.7
CVE-2025-69307 describes a critical SQL Injection vulnerability discovered in the Medinik Core WordPress plugin. This flaw allows attackers to perform blind SQL injection, potentially leading to unauthorized data access and manipulation. The vulnerability affects versions from 0.0.0 through 1.3.6. A patch is expected to be released by the vendor.
The SQL Injection vulnerability in Medinik Core allows an attacker to bypass the plugin's input handling and run attacker-controlled SQL against the underlying database. Because the injection is 'blind', query results are not returned directly to the attacker; data must instead be inferred from differences in the application's responses across many requests, which makes exploitation more time-consuming but no less dangerous. Successful exploitation could lead to the exfiltration of sensitive user data, including usernames, password hashes, email addresses, and potentially financial information if the plugin handles e-commerce transactions. Lateral movement within the WordPress environment is also possible if the injected SQL can be used to read or modify data belonging to other plugins or themes. The blast radius extends to all users of websites running the vulnerable Medinik Core plugin.
CVE-2025-69307 was published on 2026-02-20. Its severity is classified as CRITICAL (CVSS 9.3). No public proof-of-concept (PoC) code is currently known, but blind SQL injection flaws are commonly weaponized, so a PoC may be developed and shared. It is not currently listed on CISA KEV. Active exploitation campaigns are not yet confirmed, but the high severity warrants close monitoring.
Exploit Status
EPSS: 0.04% (12th percentile)
The primary mitigation for CVE-2025-69307 is to upgrade to a patched version of the Medinik Core plugin as soon as it becomes available. Until a patch is released, consider temporary workarounds. A Web Application Firewall (WAF) can be configured to filter potentially malicious SQL in requests to the vulnerable endpoints; rules should block SQL injection attempts by matching common injection patterns. Additionally, restrict the database user's privileges to the minimum the plugin needs to function, so that a successful injection cannot read or modify tables beyond the plugin's own. After upgrading, confirm the vulnerability is resolved by running a controlled SQL injection test against the affected endpoint.
No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
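The first step above is knowing whether a deployed copy of the plugin falls in the affected range. The following script is an added example, not code from the advisory or from the Medinik Core project: it reads the standard plugin header block that WordPress parses from a plugin's main PHP file, extracts the `Version:` value, and compares it against the range the advisory states (0.0.0 through 1.3.6, fixed in 1.3.7). The plugin header it runs on is constructed sample input; the version comparison handles dotted versions of unequal length and treats a pre-release of the fixed version (for example `1.3.7-rc1`) as still affected, since it predates the fix.

```python
"""Check a WordPress plugin's declared version against a CVE's affected range.

Added example (not from the advisory or the plugin vendor). The affected
range below is the one the advisory states for CVE-2025-69307; the plugin
file contents at the bottom are constructed sample input.
"""
import re
from typing import Dict, Optional, Tuple

# Affected range as stated in the advisory (inclusive on both ends).
AFFECTED_MIN = "0.0.0"
AFFECTED_MAX = "1.3.6"
FIXED_IN = "1.3.7"

# Matches WordPress plugin header lines such as " * Version: 1.3.6".
HEADER_RE = re.compile(
    r"^\s*\*?\s*(Plugin Name|Version)\s*:\s*(.+?)\s*$", re.MULTILINE
)

# Leading numeric dotted part, then any pre-release suffix ("-rc1", "beta").
VERSION_RE = re.compile(r"^\s*v?(\d+(?:\.\d+)*)(.*)$")


def parse_version(version: str) -> Tuple[Tuple[int, ...], bool]:
    """Return (numeric components, has_prerelease_suffix) for a version string."""
    m = VERSION_RE.match(version)
    if not m:
        raise ValueError(f"unparseable version: {version!r}")
    numbers = tuple(int(part) for part in m.group(1).split("."))
    prerelease = m.group(2).strip() != ""
    return numbers, prerelease


def compare(a: str, b: str) -> int:
    """Compare numeric parts only: -1 if a < b, 0 if equal, 1 if a > b.

    Shorter versions are right-padded with zeros, so "1.3" == "1.3.0".
    """
    ta, _ = parse_version(a)
    tb, _ = parse_version(b)
    width = max(len(ta), len(tb))
    ta = ta + (0,) * (width - len(ta))
    tb = tb + (0,) * (width - len(tb))
    return (ta > tb) - (ta < tb)


def is_affected(version: str) -> bool:
    """True when version lies in [AFFECTED_MIN, AFFECTED_MAX].

    A pre-release build of the fixed version (e.g. "1.3.7-rc1") predates
    the fix and is conservatively reported as affected.
    """
    _, prerelease = parse_version(version)
    if prerelease and compare(version, FIXED_IN) == 0:
        return True
    return compare(version, AFFECTED_MIN) >= 0 and compare(version, AFFECTED_MAX) <= 0


def read_plugin_header(php_source: str) -> Dict[str, str]:
    """Extract 'Plugin Name' and 'Version' from a plugin's header comment."""
    fields: Dict[str, str] = {}
    for key, value in HEADER_RE.findall(php_source):
        fields.setdefault(key, value)  # first occurrence wins, as WordPress does
    return fields


def assess_plugin(php_source: str) -> Dict[str, Optional[object]]:
    """Report the plugin name, its declared version, and whether it is affected."""
    header = read_plugin_header(php_source)
    version = header.get("Version")
    return {
        "plugin": header.get("Plugin Name"),
        "version": version,
        "affected": is_affected(version) if version else None,
    }


# Constructed sample: the header block WordPress reads from a plugin's main file.
SAMPLE_PLUGIN_PHP = """<?php
/**
 * Plugin Name: Medinik Core
 * Description: constructed sample header for this example
 * Version: 1.3.6
 */
"""

if __name__ == "__main__":
    print(assess_plugin(SAMPLE_PLUGIN_PHP))
```

In practice you would point `assess_plugin` at the contents of the plugin's main file under `wp-content/plugins/` on each site you operate; a version with no `Version:` header yields `affected: None` so that it is reviewed by hand rather than silently passed.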
CVE-2025-69307 is a critical SQL Injection vulnerability affecting the Medinik Core WordPress plugin, versions 0.0.0 through 1.3.6, allowing attackers to extract data through blind SQL injection.
If you are using the Medinik Core WordPress plugin at any version between 0.0.0 and 1.3.6, you are potentially affected by this vulnerability. Check your installed plugin versions immediately.
Upgrade to the latest patched version of Medinik Core plugin as soon as it's available. Until then, implement WAF rules and restrict database user permissions.
Active exploitation campaigns are not yet confirmed, but the high severity warrants close monitoring and proactive mitigation.
Refer to the Medinik Core plugin developer's website or WordPress plugin repository for the official advisory and patch release information.