What is CVE-2025-58628 — SQL Injection in Miraculous Theme?

CVE-2025-58628 is a critical SQL Injection vulnerability affecting the Miraculous WordPress theme, allowing attackers to potentially extract sensitive data from the database.

Am I affected by CVE-2025-58628 in Miraculous Theme?

You are affected if your WordPress site uses the Miraculous theme in versions 0.0.0 through 2.0.9. Upgrade to 2.0.10 or later to mitigate the risk.

How do I fix CVE-2025-58628 in Miraculous Theme?

Upgrade the Miraculous WordPress theme to version 2.0.10 or later. Consider implementing a WAF as a temporary workaround if immediate upgrade is not possible.

Is CVE-2025-58628 being actively exploited?

While no active exploitation has been confirmed, the vulnerability's ease of exploitation suggests it may be targeted soon.

Where can I find the official Miraculous advisory for CVE-2025-58628?

Refer to the official Miraculous theme documentation or website for the latest security advisory regarding CVE-2025-58628.

CVE-2025-58628 — Vulnerability Details

NEXTGUARD

Escanear grátis

CVE-2025-58628 — Vulnerability Details | NextGuard

Passos de Detecçãotraduzindo…

• wordpress / composer / npm:

grep -r "SELECT .* FROM" /var/www/html/wp-content/themes/miraculous/includes/

• generic web: ```bash curl -I https://your-wordpress-site.com/wp-admin/admin.php?page=miraculous-settings&action=updateoption&optionname=some_input' --header "X-Custom-Header: \""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""

WordPress Miraculous Theme < 2.0.9 - SQL Injection Vulnerability

Impacto e Cenários de Ataquetraduzindo…

Contexto de Exploraçãotraduzindo…

Quem Está em Riscotraduzindo…

Passos de Detecçãotraduzindo…

Linha do Tempo do Ataque

Inteligência de Ameaças

Software Afetado

Classificação de Fraqueza (CWE)

Linha do tempo

Mitigação e Soluções Alternativastraduzindo…

Como corrigirtraduzindo…

Boletim de Segurança CVE

Perguntas frequentestraduzindo…

What is CVE-2025-58628 — SQL Injection in Miraculous Theme?

Am I affected by CVE-2025-58628 in Miraculous Theme?

How do I fix CVE-2025-58628 in Miraculous Theme?

Is CVE-2025-58628 being actively exploited?

Where can I find the official Miraculous advisory for CVE-2025-58628?

Seu projeto está afetado?

Detecte esta CVE no seu projeto