CVE Alert: CVE-2025-10743 – maycorolbuche1 – Outdoor

CVE-2025-10743

Severity
HIGH
Exploitation
No exploitation known

The Outdoor plugin for WordPress is vulnerable to SQL Injection via the ‘edit’ action in all versions up to, and including, 1.3.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVSS v3.1 (7.5)
Vendor
maycorolbuche1
Product
Outdoor
Versions
* <= 1.3.2 (all versions up to and including 1.3.2)
CWE
CWE-89 Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Published
2025-10-15T08:25:56.427Z
Updated
2025-10-15T14:37:39.882Z

AI Summary Analysis

Risk verdict

High risk: unauthenticated, remote SQL injection in the Outdoor WordPress plugin (CVSS 7.5, confidentiality high) that can expose database contents. No exploitation is known at publication, but the attack needs no credentials and no user interaction, so patching should not wait for exploitation reports.

Why this matters

An unauthenticated injection lets an attacker read from the database without any credentials, which on a WordPress site can mean user records and password hashes from wp_users, tokens or API keys kept in options tables, and whatever customer or business data the plugin stores. Because the vulnerable code path is reachable by any internet client, every site running an affected version is exposed, and the attacker needs nothing beyond a single crafted request.

Most likely attack path

A remote attacker sends a crafted request to the plugin’s edit action with SQL syntax in the affected parameter. Because the value is neither escaped nor bound through a prepared statement, the database interprets it as part of the query: a UNION-based payload returns rows from other tables in the same response, and a blind (boolean- or time-based) payload extracts them one condition at a time. No privileges or user interaction are required, so the attacker can operate from the internet. The vector rates integrity and availability as none, which matches an injection into a SELECT context; the realistic outcome is exfiltration of whatever the site’s database user can read, including WordPress user records and password hashes and any credentials stored in plugin or site options.
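The mechanism above, as an added example that is not part of the advisory or of the plugin’s code: a standalone Python script with an in-memory SQLite database standing in for the site’s tables. The table names, the shape of the edit handler and the UNION payload are assumptions chosen to illustrate the class; the advisory does not publish the plugin’s query. The hardened form binds the value as a parameter, which is what `$wpdb->prepare()` does in WordPress.

```python
import sqlite3

# Constructed in-memory stand-in for a WordPress database. The plugin table,
# its columns and the sample rows are assumptions for illustration only.
def make_db():
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE outdoor_items (id INTEGER PRIMARY KEY, title TEXT);
        INSERT INTO outdoor_items VALUES (1, 'Trail map'), (2, 'Campsite list');
        CREATE TABLE wp_users (ID INTEGER PRIMARY KEY, user_login TEXT, user_pass TEXT);
        INSERT INTO wp_users VALUES (1, 'admin', '$P$BexampleHashNotARealOne0000000');
    """)
    return con

def edit_vulnerable(con, item_id):
    # Assumed shape of the 'edit' handler: the request parameter is pasted
    # into the SQL text with no escaping and no prepared statement (CWE-89).
    sql = "SELECT id, title FROM outdoor_items WHERE id = '%s'" % item_id
    return con.execute(sql).fetchall()

def edit_hardened(con, item_id):
    # Same query with the value bound as a parameter. The driver passes it as
    # data, never as SQL, so a payload is compared as a literal and matches no row.
    sql = "SELECT id, title FROM outdoor_items WHERE id = ?"
    return con.execute(sql, (item_id,)).fetchall()

# Constructed UNION payload: closes the string literal, appends a SELECT with the
# same column count from a second table, and comments out the trailing quote.
PAYLOAD = "1' UNION SELECT user_login, user_pass FROM wp_users-- "

def demo():
    con = make_db()
    leaked = edit_vulnerable(con, PAYLOAD)   # item row plus the wp_users row
    safe = edit_hardened(con, PAYLOAD)       # empty: no item has that literal id
    return leaked, safe

if __name__ == "__main__":
    leaked, safe = demo()
    print("vulnerable handler returned:", leaked)
    print("hardened handler returned:", safe)
```

The vulnerable handler hands back the admin login and password hash alongside the requested item; the bound version returns nothing for the payload while still returning the item for a legitimate id such as "1". Stacked statements (a second query after a semicolon) are refused by most PHP database drivers, which is why UNION and blind techniques are the usual extraction route for this class.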

Who is most exposed

Any publicly reachable WordPress site running Outdoor 1.3.2 or earlier. Exposure is worse where the site’s database user can also read other databases or tables on the same server, since the injected query runs with that user’s privileges, and where no WAF or rate limiting sits in front of the plugin’s edit action.

Detection ideas

  • Database error messages (for example MySQL syntax errors) in web or PHP logs tied to requests for the plugin’s edit action; both error-based injection and failed probing produce them.
  • Requests to the edit action whose parameters carry SQL syntax after URL decoding: a quote followed by OR or AND, UNION SELECT, comment terminators (-- or /*), or references to information_schema.
  • Many requests to the edit action from one client without a WordPress session cookie, especially with automated user agents, or a sudden spike in such requests.
  • Queries that take several seconds on an otherwise idle site, or slow-query-log entries containing SLEEP() or BENCHMARK(): the signature of time-based blind extraction.
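Detection logic for the indicators above, as an added example that is not from the advisory: a Python scanner run over constructed access-log lines in the common "combined" format. It assumes the plugin selects its handler with an action=edit query parameter and that the injected value travels in the query string; if the plugin takes it in a POST body, the same checks need a request-body log or a WAF that sees the body. The client IPs and payloads in the sample are constructed.

```python
import re
from collections import Counter
from urllib.parse import parse_qs, urlsplit

# One "combined"-format access-log line: client IP, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

# Indicators ordered from most to least specific; each is checked against the
# percent-decoded value of every query parameter of a request to the edit action.
INDICATORS = [
    ("union-select", re.compile(r"\bunion\b.{0,20}\bselect\b", re.I)),
    ("time-delay", re.compile(r"\b(sleep|benchmark)\s*\(", re.I)),
    ("schema-probe", re.compile(r"\binformation_schema\b", re.I)),
    ("quote-boolean", re.compile(r"'\s*(or|and)\b", re.I)),
    ("comment-terminator", re.compile(r"(--\s|/\*)")),
]

def is_edit_action(params):
    # Assumption: the plugin selects its handler with an 'action' query parameter.
    return params.get("action", [""])[0] == "edit"

def classify_value(value):
    # Return the first indicator name that matches, or None for a clean value.
    for name, pattern in INDICATORS:
        if pattern.search(value):
            return name
    return None

def scan(lines):
    # Flag every parameter of every edit-action request that carries SQL syntax.
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        params = parse_qs(urlsplit(m["target"]).query)   # parse_qs URL-decodes values
        if not is_edit_action(params):
            continue
        for key, values in params.items():
            for v in values:
                hit = classify_value(v)
                if hit:
                    findings.append({"ip": m["ip"], "ts": m["ts"], "param": key,
                                     "indicator": hit, "value": v})
    return findings

def attackers(findings):
    # Count flagged requests per source IP for triage and blocking decisions.
    return Counter(f["ip"] for f in findings)

# Constructed sample: one benign edit, a UNION extraction attempt, a time-based
# blind probe, a benign value containing apostrophes, and a probe against
# another action (out of scope for this detector).
SAMPLE_LOG = [
    '203.0.113.7 - - [15/Oct/2025:09:12:01 +0000] "GET /?action=edit&id=12 HTTP/1.1" 200 5120',
    '203.0.113.7 - - [15/Oct/2025:09:12:05 +0000] "GET /?action=edit&id=12%27%20UNION%20SELECT%20user_login,user_pass%20FROM%20wp_users--%20 HTTP/1.1" 200 5411',
    '198.51.100.23 - - [15/Oct/2025:09:13:40 +0000] "GET /?action=edit&id=12%27%20AND%20SLEEP(5)--%20 HTTP/1.1" 200 5120',
    '192.0.2.9 - - [15/Oct/2025:09:14:02 +0000] "GET /?action=edit&id=7&title=O%27Brien%27s%20trail HTTP/1.1" 200 5033',
    '192.0.2.9 - - [15/Oct/2025:09:14:30 +0000] "GET /?action=view&id=7%27%20UNION%20SELECT%201,2--%20 HTTP/1.1" 200 5033',
]

if __name__ == "__main__":
    hits = scan(SAMPLE_LOG)
    for h in hits:
        print(f'{h["ts"]} {h["ip"]} param={h["param"]} indicator={h["indicator"]}')
    print("per-source counts:", dict(attackers(hits)))
```

On the sample the scanner flags the UNION and SLEEP requests and leaves the apostrophe-bearing title alone, because the quote heuristic requires a boolean operator after the quote rather than any quote at all. The same INDICATORS list is a reasonable seed for a WAF rule in front of the edit action; run it in log-only mode first and review what it would have blocked on free-text fields.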

Mitigation and prioritisation

  • Update Outdoor to a release newer than 1.3.2 as soon as the vendor publishes one; every version up to and including 1.3.2 is affected. Treat this as a priority even though no exploitation is known yet: the issue needs no authentication and belongs to a class that is quick to weaponise.
  • If you cannot update immediately, place a WAF rule in front of the edit action that blocks SQL syntax in its parameters and rate-limit requests to it; expect some false positives on free-text fields containing apostrophes, so log before you block.
  • Where neither is feasible, deactivate the plugin until a fix is available and verify site functionality afterwards.
  • Limit what an injection can reach: give the WordPress database user access only to the site’s own database, enable query logging or auditing, and rotate credentials and API keys stored in the database if you find signs of exploitation.
  • Change management: deploy the update through a maintenance window and confirm backups and restore procedures first. Raise the priority further if the CVE is added to CISA KEV or its EPSS score rises.
