top of page
perceptive_background_267k.jpg

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in don-themes Riode Core riode-core allows Blind SQL Injectio…

Published:

4 maart 2026 om 23:00:00

Alert date:

5 maart 2026 om 20:09:02

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Database & Storage

A blind SQL injection vulnerability has been identified in the don-themes Riode Core WordPress plugin. The vulnerability is classified as CVE-2025-69338 and affects all versions of Riode Core from an unknown starting version through version 1.6.26. The issue stems from improper neutralization of special elements used in SQL commands, allowing attackers to perform blind SQL injection attacks. This vulnerability could potentially allow unauthorized database access and data extraction. Users of the affected plugin versions should update to a patched version as soon as it becomes available.

Technical details

Mitigation steps:

Affected products:

Riode Core WordPress Plugin

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2025-69338
https://patchstack.com/database/Wordpress/Plugin/riode-core/vulnerability/wordpress-riode-core-plugin-1-6-26-sql-injection-vulnerability?_s_id=cve

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page