SQL Injection Vulnerability in STEdb Forms by STEdb Corp
CVE-2025-30571

7.6HIGH

Key Information:

Vendor: Stedb Corp.
Status: Stedb Forms
Vendor: CVE Published:; 24 March 2025

Summary

STEdb Forms by STEdb Corp is susceptible to an SQL Injection vulnerability, enabling attackers to manipulate SQL commands executed by the application. This flaw can lead to unauthorized data access or loss, jeopardizing the integrity and confidentiality of user information. Users of affected versions should implement patches or upgrade to safeguard against potential exploitation.

Affected Version(s)

STEdb Forms <= 1.0.4

References

https://patchstack.com/database/wordpress/plugin/stedb-fo...

vdb-entry

CVSS V3.1

Score:

7.6

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Mar 24, 2025
Vulnerability Reserved
Mar 24, 2025

Credit

kuteminh11 - VNPT Cyber Immunity (Patchstack Alliance)