CVE-2025-23931

Name of the Vulnerable Software and Affected Versions WordPress Local SEO versions prior to 2.3

Description The issue is related to improper neutralization of special elements used in an SQL command, allowing Blind SQL Injection. This problem enables attackers to inject malicious SQL code, potentially leading to unauthorized access or data manipulation.

Recommendations For versions prior to 2.3, update to a version that includes a fix for this issue. As a temporary workaround, consider restricting access to sensitive database elements to minimize the risk of exploitation. Avoid using user-supplied input in SQL commands until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.