CVE-2025-10743 - Vulnerability Details

- Outdoor <= 1.3.2 - Unauthenticated SQL Injection

Description

The Outdoor plugin for WordPress is vulnerable to SQL Injection via the 'edit' action in all versions up to, and including, 1.3.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Published: 2025-10-15

Score: 7.5 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The Outdoor plugin for WordPress contains an unauthenticated SQL injection vulnerability in the ‘edit’ action. User input is appended to an existing SQL query without sufficient escaping or preparation, allowing attackers to inject arbitrary statements that can read or modify database contents. The consequence is the disclosure of any data accessible through the database, such as user credentials, posts, or site configuration, compromising confidentiality and potentially integrity.

Affected Systems

All installations of the Outdoor plugin by maycorolbuche1 that are at version 1.3.2 or earlier are affected. This includes WordPress sites that have not applied any later release of the plugin.

Risk and Exploitability

The CVSS score of 7.5 indicates a high severity. The EPSS score of less than 1% suggests that exploitation is unlikely in the near term, and the vulnerability is not listed in the CISA KEV catalog. Because the flaw is unauthenticated and exists in a widely used plugin, an attacker can target a site by simply issuing a crafted request to the edit action without needing any credentials. The attack path requires only HTTP access to the vulnerable endpoint; no privileged access, local files, or user interaction is necessary beyond normal web access.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

maycorolbuche1

Outdoor

unaffected

Version	Status	Constraints
`0`	affected	≤ 1.3.2

No data.

Vendor	Product	Confidence	Versions
Wordpress	Wordpress	—	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Check the vendor or plugin page for an updated version of the Outdoor plugin that addresses the SQL injection vulnerability and apply it if available.
If an update is not immediately possible, temporarily disable the edit function by removing or restricting the ‘edit’ endpoint in the plugin’s settings or via .htaccess rules.
Monitor access logs for unusual SQL-like patterns or error messages that could indicate an attempt to exploit the injection point.

Generated by OpenCVE AI on April 22, 2026 at 16:49 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00098.

Exploitation none

Automatable yes

Technical Impact partial

References

Link	Providers
https://plugins.trac.wordpress.org/browser/outdoor/trunk/actions.php#L73
https://wordpress.org/plugins/outdoor/
https://www.wordfence.com/threat-intel/vulnerabilities/id/6038accc-98ac-496c-9c53-ec06b2045324?source=cve

History

Mon, 20 Oct 2025 13:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Wordpress Wordpress wordpress
Vendors & Products		Wordpress Wordpress wordpress

Wed, 15 Oct 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 15 Oct 2025 08:45:00 +0000

Type	Values Removed	Values Added
Description		The Outdoor plugin for WordPress is vulnerable to SQL Injection via the 'edit' action in all versions up to, and including, 1.3.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Title		Outdoor <= 1.3.2 - Unauthenticated SQL Injection
Weaknesses		CWE-89
References		https://plugins.trac.wordpress.org/browser/outdoor/trunk/actions.php#L73 https://wordpress.org/plugins/outdoor/ https://www.wordfence.com/threat-intel/vulnerabilities/id/6038accc-98ac-496c-9c53-ec06b2045324?source=cve
Metrics		cvssV3_1 `{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}`

Subscriptions

Wordpress Wordpress

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2025-10-15T08:25:56.427Z

Updated: 2026-04-08T16:56:33.163Z

Reserved: 2025-09-19T18:51:20.878Z

Link: CVE-2025-10743

Vulnrichment

Updated: 2025-10-15T14:37:16.795Z

NVD

Status : Deferred

Published: 2025-10-15T09:15:41.717

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-10743

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-22T17:00:12Z

Weaknesses

CWE-89

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object