What is the CVSS score of CVE-2019-25444?

CVE-2019-25444 has a CVSS 3.1 base score of 9.1 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N. EPSS exploitation probability: 0.1%.

Which versions of Fiverr Clone Script are affected by CVE-2019-25444?

A critical SQL injection vulnerability in Fiverr Clone Script 1.2.2 allows unauthenticated attackers to directly access and manipulate your database without valid credentials.

Is there a public PoC exploit available for CVE-2019-25444?

Yes, a public proof-of-concept exploit is available for CVE-2019-25444. Prioritise patching immediately. EPSS: 0.1%.

How to fix or mitigate CVE-2019-25444?

Within 24 hours: Identify all systems running Fiverr Clone Script 1.2.2 and take inventory of exposed data classifications. Within 7 days: Implement network segmentation isolating affected systems and deploy WAF rules blocking SQL injection patterns on the page parameter; consider disabling the vulnerable feature if non-critical. Within 30 days: Evaluate alternatives to this unsupported software and develop migration timeline, or contact vendor for emergency patching; conduct forensic audit for signs of exploitation.

Fiverr Clone Script CVE-2019-25444

CRITICAL

SQL Injection (CWE-89)

2026-02-20 disclosure@vulncheck.com

SQLi Fiverr Clone Script

9.1

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

9.1 CRITICAL

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:04 vuln.today

PoC Detected

Mar 02, 2026 - 15:16 vuln.today

Public exploit code

CVE Published

Feb 20, 2026 - 19:23 nvd

CRITICAL 9.1

DescriptionCVE.org

Fiverr Clone Script 1.2.2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the page parameter. Attackers can supply malicious SQL syntax in the page parameter to extract sensitive database information or modify database contents.

AnalysisAI

SQL injection in Fiverr Clone Script 1.2.2. PoC available.

Technical ContextAI

CWE-89.

RemediationAI

Apply patch.

CVE-2019-25444 vulnerability details – vuln.today

Back

Fiverr Clone Script CVE-2019-25444

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code