CVE-2025-2011

HIGH EXPLOITED NUCLEI LAB

WordPress Depicter Plugin SQL Injection (CVE-2025-2011)

Title source: metasploit

Description

The Slider & Popup Builder by Depicter plugin for WordPress is vulnerable to generic SQL Injection via the ‘s' parameter in all versions up to, and including, 3.6.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Exploits (6)

exploitdb WORKING POC

by Andrew Long · pythonwebappsmultiple

https://www.exploit-db.com/exploits/52285

View Code ZIP pw:eip

nomisec WORKING POC 1 stars

by datagoboom · infoleak

https://github.com/datagoboom/CVE-2025-2011

View Code ZIP pw:eip

nomisec WORKING POC

by zsy107u · remote

https://github.com/zsy107u/CVE-2025-2011-poc

View Code ZIP pw:eip

nomisec WORKING POC

by X3RX3SSec · infoleak

https://github.com/X3RX3SSec/CVE-2025-2011

View Code ZIP pw:eip

vulncheck_xdb

infoleak

https://github.com/Ashwesker/Ashwesker-CVE-2025-2011

View on vulncheck_xdb

metasploit WORKING POC

by Muhamad Visat, Valentin Lobstein · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/wp_depicter_sqli_cve_2025_2011.rb

View Code ZIP pw:eip

Nuclei Templates (1)

Slider & Popup Builder by Depicter <= 3.6.1 - Unauthenticated SQL Injection

HIGHVERIFIEDby iamnoooob,rootxharsh,pdresearch

References (9)

[Product] https://plugins.trac.wordpress.org/browser/depicter/trunk/app/src/Controllers/Ajax/LeadsAjaxController.php?rev=3156664#L179

[Product] https://plugins.trac.wordpress.org/browser/depicter/trunk/app/src/Controllers/Ajax/LeadsAjaxController.php?rev=3156664#L23

[Product] https://plugins.trac.wordpress.org/browser/depicter/trunk/app/src/Controllers/Ajax/LeadsAjaxController.php?rev=3156664#L49

[Product] https://plugins.trac.wordpress.org/browser/depicter/trunk/app/src/Database/Repository/LeadRepository.php?rev=3156664#L224

[Product] https://plugins.trac.wordpress.org/browser/depicter/trunk/app/src/Services/LeadService.php?rev=3156664#L82

[Product] https://plugins.trac.wordpress.org/changeset/3287525/

[Product] https://wordpress.org/plugins/depicter/#description

[Various Sources] https://github.com/datagoboom/CVE-2025-2011

[Third Party Advisory] https://www.wordfence.com/threat-intel/vulnerabilities/id/49b36cde-39d8-4a69-8d7c-7b850b76a7cd?source=cve

Scores

CVSS v3 7.5

EPSS 0.5238

EPSS Percentile 97.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Lab Environment

COMMUNITY

Community Lab

docker pull wordpress:latest

https://github.com/datagoboom/CVE-2025-2011

https://github.com/X3RX3SSec/CVE-2025-2011

https://github.com/zsy107u/CVE-2025-2011-poc

+1 more repos

View in Library

Details

VulnCheck KEV 2025-05-05

CWE

CWE-89

Status published

Products (2)

averta/Depicter — Popup & Slider Builder < 3.6.1

averta/Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, Image Slider, Carousel Slider, Post Slider Carousel < 3.6.1

Published May 06, 2025

Tracked Since Feb 18, 2026