PT-2025-19874 · WordPress · Slider & Popup Builder

Published: 2025-05-06 · Updated: 2025-11-29 · CVE-2025-2011

CVSS v3.1: 7.5
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Slider & Popup Builder by Depicter for WordPress, versions up to and including 3.6.1

Description: The Slider & Popup Builder by Depicter plugin for WordPress is susceptible to a generic SQL injection issue. The cause is insufficient escaping of user-supplied data and a lack of proper preparation (parameterization) of existing SQL queries that incorporate the "s" request parameter. This allows unauthenticated attackers to append additional SQL queries to existing ones, potentially enabling them to extract sensitive information from the database, including user password hashes. The plugin is installed on over 100,000 websites. The vulnerable component is reachable through the /wp-admin/admin-ajax.php endpoint, specifically within an AJAX request handler. Attackers can inject arbitrary SQL queries, extract all password hashes from the wp_users table, and then attempt offline brute-force attacks against those hashes. A proof-of-concept is publicly available.

Recommendations: Versions prior to and including 3.6.1 are affected. Update the Slider & Popup Builder by Depicter plugin to a version later than 3.6.1.
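The advisory describes the flaw class, not the plugin's code. The following is an added illustration, written for this page and not taken from the Depicter plugin, of what "insufficient escaping and lack of proper preparation" looks like in a WordPress admin-ajax.php handler, beside the form a maintainer should ship. The action name "example_search", the table "{prefix}example_items" and its columns are assumptions; only the "s" parameter name and the admin-ajax.php entry point come from the advisory.

```php
<?php
// Added example, not code from the Depicter plugin. The action name
// "example_search" and the table/column names are assumptions.

// INSECURE PATTERN (the class of flaw the advisory describes):
// the "s" request parameter is concatenated straight into the SQL text.
function example_search_insecure() {
    global $wpdb;
    $s = isset( $_REQUEST['s'] ) ? wp_unslash( $_REQUEST['s'] ) : '';
    // No escaping and no prepare(): whoever controls "s" controls part of
    // the statement, which is exactly what lets extra queries be appended.
    $rows = $wpdb->get_results(
        "SELECT id, title FROM {$wpdb->prefix}example_items WHERE title LIKE '%{$s}%'"
    );
    wp_send_json_success( $rows );
}

// HARDENED VERSION: the user value never becomes part of the SQL text.
function example_search_hardened() {
    global $wpdb;

    // A nonce check limits cross-site triggering of the endpoint, but it
    // does not replace parameterization: a direct caller can still obtain
    // a nonce, so prepare() below is the control that stops injection.
    check_ajax_referer( 'example_search_nonce', 'nonce' );

    $s = isset( $_REQUEST['s'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['s'] ) ) : '';

    // esc_like() neutralises LIKE wildcards (% and _) inside the term;
    // prepare() binds the term as a string literal (%s) and the limit as an
    // integer (%d), so the statement structure is fixed before data arrives.
    $like = '%' . $wpdb->esc_like( $s ) . '%';
    $sql  = $wpdb->prepare(
        "SELECT id, title FROM {$wpdb->prefix}example_items WHERE title LIKE %s LIMIT %d",
        $like,
        50
    );
    $rows = $wpdb->get_results( $sql );
    wp_send_json_success( $rows );
}

// Registering a handler under wp_ajax_nopriv_ is what makes it reachable by
// unauthenticated callers through admin-ajax.php, so such handlers deserve
// the closest review; only the hardened version should ever be wired up.
add_action( 'wp_ajax_example_search',        'example_search_hardened' );
add_action( 'wp_ajax_nopriv_example_search', 'example_search_hardened' );
```

When auditing a plugin for this flaw class, list every callback registered with wp_ajax_nopriv_ and check each $wpdb->get_results(), get_var(), get_row() or query() call it reaches: any query string that interpolates $_GET, $_POST or $_REQUEST values (or variables derived from them) without passing through $wpdb->prepare() is the pattern this advisory describes.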

Tags: Exploit · Fix · SQL injection

Weakness Enumeration

Related Identifiers: CVE-2025-2011

Affected Products: Slider & Popup Builder