First published: Thu Mar 27 2025(Updated: )
Cross-Site Request Forgery (CSRF) vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup allows SQL Injection. This issue affects EZ SQL Reports Shortcode Widget and DB Backup: from n/a through 5.25.08.
Credit: audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
EZ SQL Reports Shortcode Widget and DB Backup | <=5.25.08 | |
WordPress Database Backup | <=5.25.08 |
Update the WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin to the latest available version (at least 5.25.10).
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2025-30788 is a critical severity Cross-Site Request Forgery (CSRF) vulnerability that allows for SQL Injection.
To fix CVE-2025-30788, update the EZ SQL Reports Shortcode Widget and DB Backup plugin to the latest version beyond 5.25.08.
CVE-2025-30788 affects EZ SQL Reports Shortcode Widget and DB Backup versions from n/a through 5.25.08.
CVE-2025-30788 can lead to SQL Injection attacks, potentially compromising database security.
Yes, CVE-2025-30788 specifically affects the WordPress EZ SQL Reports Shortcode Widget and DB Backup.