Skip to main content

Unicamp WordPress Theme EUVDEUVD-2025-210400

| CVE-2025-69094 HIGH
SQL Injection (CWE-89)
2026-07-02 Patchstack GHSA-gq2f-q58f-r6j8
8.5
CVSS 3.1 · Vendor: Patchstack
Share

Severity by source

Vendor (Patchstack) PRIMARY
8.5 HIGH
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
vuln.today AI
8.5 HIGH

Network-reachable SQLi needing a Subscriber account (PR:L) and no interaction; high confidentiality data read with scope change, no integrity impact and only limited availability effect.

3.1 AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (Patchstack).

CVSS VectorVendor: Patchstack

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
None
Availability
Low

Lifecycle Timeline

1
Analysis Generated
Jul 02, 2026 - 12:05 vuln.today

DescriptionCVE.org

Subscriber SQL Injection in Unicamp <= 2.2.2 versions.

AnalysisAI

SQL injection in the Unicamp WordPress theme (versions 2.2.2 and earlier) by ThemeMove allows an attacker holding a low-privilege Subscriber account to inject arbitrary SQL into backend database queries. Because the CVSS scope is marked changed with high confidentiality impact, a successful attacker can read data beyond their normal authorization boundary, including other users' records and potentially credentials stored in the WordPress database. There is no public exploit identified at time of analysis, and the flaw is not listed in CISA KEV.

Technical ContextAI

The affected component is the Unicamp commercial education/LMS theme for WordPress distributed by vendor ThemeMove (CPE cpe:2.3:a:thememove:unicamp:*). The root cause is CWE-89 (Improper Neutralization of Special Elements used in an SQL Command), meaning user-controlled input reaching a Subscriber-accessible endpoint is concatenated into a SQL statement without proper parameterization or sanitization. In WordPress themes this class of bug typically arises when AJAX handlers or theme-specific query functions pass request parameters directly into $wpdb queries rather than using prepared statements, allowing an authenticated user to alter query logic.

RemediationAI

Upgrade the Unicamp theme to a fixed release above 2.2.2 as published by ThemeMove; the input data does not specify an exact patched version, so consult the Patchstack advisory (https://patchstack.com/database/wordpress/theme/unicamp/vulnerability/wordpress-unicamp-theme-2-2-2-sql-injection-vulnerability) and the ThemeMove changelog for the corrected build before deploying. Until a confirmed fixed version is applied, reduce exposure by disabling open user self-registration (Settings > General > 'Anyone can register') to remove the Subscriber-account prerequisite, at the cost of blocking legitimate new sign-ups; restrict or virtually patch the vulnerable theme AJAX/query endpoint using a WordPress WAF or Patchstack's virtual patching, which may interfere with theme functionality if rules are overly broad; and audit existing Subscriber accounts for suspicious registrations. Because a released patched version is not independently confirmed here, verify the fix version with the vendor rather than assuming any specific number.

Share

EUVD-2025-210400 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy