Cross-Site Request Forgery Vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup
CVE-2025-30788

8.2HIGH

Key Information:

Vendor: Eli
Status: Ez Sql Reports Shortcode Widget And Db Backup
Vendor: CVE Published:; 27 March 2025

What is CVE-2025-30788?

A CSRF vulnerability in the Eli EZ SQL Reports Shortcode Widget and DB Backup allows an attacker to exploit the application through malicious requests, potentially leading to unauthorized SQL injection. This issue affects versions up to 5.25.08, emphasizing the need for site administrators to apply timely updates and implement robust security measures to protect against such threats.

Affected Version(s)

EZ SQL Reports Shortcode Widget and DB Backup 0 <= 5.25.08

References

https://patchstack.com/database/Wordpress/Plugin/elisqlre...

vdb-entry

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 27, 2025
Vulnerability Reserved
Mar 26, 2025

Credit

Nabil Irawan (Patchstack Alliance)

CVE-2025-30788 Data

JSON