SQL Injection Vulnerability in Rich Snippet Site Report Plugin for WordPress
CVE-2025-10310
4.9MEDIUM
What is CVE-2025-10310?
The Rich Snippet Site Report plugin for WordPress exposes a vulnerability through the 'last' parameter, which lacks adequate input sanitization. This flaw allows unauthenticated attackers to manipulate SQL queries, potentially leading to unauthorized access to sensitive database information. The vulnerability can also be exploited through Cross-Site Request Forgery (CSRF), compounding the risk for affected systems. Users are advised to update to the latest version to ensure security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Rich Snippet Site Report * <= 2.0.0105
References
CVSS V3.1
Score:
4.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
JohSka