Description

The wpForo Forum plugin for WordPress is vulnerable to error‐based or time-based SQL Injection via the get_members() function in all versions up to, and including, 2.4.8 due to missing integer validation on the 'offset' and 'row_count' parameters. The function blindly interpolates 'row_count' into a 'LIMIT offset,row_count' clause using esc_sql() rather than enforcing numeric values. MySQL 5.x’s grammar allows a 'PROCEDURE ANALYSE' clause immediately after a LIMIT clause. Unauthenticated attackers controlling 'row_count' can append a stored‐procedure call, enabling error‐based or time‐based blind SQL injection that can be used to extract sensitive information from the database.

INFO

Published Date :

2025-10-25T06:49:24.551Z

Last Modified :

2026-04-08T17:18:41.355Z

Source :

Wordfence
AFFECTED PRODUCTS

The following products are affected by CVE-2025-4203 vulnerability.

Vendors Products
Wordpress
  • Wordpress
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-4203.

URL Resource
https://plugins.trac.wordpress.org/browser/wpforo/tags/2.4.5/classes/Members.php#L1557 cve-icon cve-icon
https://plugins.trac.wordpress.org/browser/wpforo/tags/2.4.9/classes/Members.php#L1557 cve-icon cve-icon
https://wordpress.org/plugins/wpforo/#developers cve-icon cve-icon
https://www.wordfence.com/threat-intel/vulnerabilities/id/bc406e8a-c4eb-45c3-a53c-37644e0dabfa?source=cve cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact