The Legoeso PDF Manager plugin for WordPress is vulnerable to time-based SQL Injection via the ‘checkedVals’ parameter in all versions up to, and including, 1.2.2 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. This vulnerability allows authenticated attackers, with Author-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
With a CVSS score of 6.5, this vulnerability is classified as medium severity. Organizations that utilize the Legoeso PDF Manager plugin should be aware of the potential risk to their databases and the sensitive information they may contain. The vulnerability was disclosed on February 20, 2025.
Risk to organizations is the exposure of database contents to an authenticated user who holds only Author-level rights. Because the injection is time-based, the attacker cannot see query output directly and instead infers it one true/false answer at a time from response delays; this is slower than an error- or union-based injection but still allows complete extraction of the data the query can reach. Organizations should prioritize patching.
Currently, there are no known exploits or public proof-of-concept (PoC) available for this vulnerability. However, the lack of active exploitation does not diminish the urgency for organizations to address this issue as part of their security posture.
Organizations should address this vulnerability in their priority patch cycle to mitigate potential risks associated with SQL injection attacks.
Vulnerability Details
The Legoeso PDF Manager plugin for WordPress is vulnerable to SQL Injection because the user-supplied ‘checkedVals’ parameter is neither adequately escaped nor bound through a prepared statement. The vulnerability exists in all versions up to and including 1.2.2. The CVSS score of 6.5 indicates medium severity, with the impact confined to confidentiality: sensitive data may be exposed.
The attack vector is network-based and requires an authenticated session. Attack complexity is low, and the privileges required are low: an account with Author-level access or above is sufficient. No user interaction is needed.
The confidentiality impact is high, since successful exploitation can disclose data from the database beyond what the affected query was meant to return, while integrity and availability impacts are none. These metrics correspond to the CVSS v3 vector AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N, which scores 6.5.
Technical Analysis
The root cause is improper handling of user-supplied input in a SQL query: the value of the ‘checkedVals’ parameter is concatenated into an existing query rather than validated and bound as a parameter, so an attacker can append their own SQL to it. Because the affected query's results are not reflected back to the attacker, exploitation is time-based: the attacker injects a conditional delay (for example MySQL's SLEEP()) and learns the answer to a yes/no question about the data from whether the response is delayed, repeating this to recover values one character at a time. This lets an Author-level user read data their role does not grant access to.
The attack is carried out over the network with low complexity and requires only a low-privilege (Author-level) account; no user interaction is needed. The impact is limited to confidentiality: the injection is used to read data, not to modify it or to take the site down.
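The following is an added example, not code from the Legoeso PDF Manager plugin (this page does not show the plugin's source). It reproduces the class of bug the advisory describes in Python with SQLite: a checked-items list, assumed here to arrive as a comma-separated string of IDs, is interpolated into an IN (...) clause, and the hardened version validates each element and binds one placeholder per element. The table, column names and payloads are constructed for illustration. SQLite has no SLEEP() function, so the payload shown leaks a private row directly rather than through a delay; against MySQL the time-based variant replaces the OR clause with a conditional SLEEP() and reads the answer from the response time.

```python
import sqlite3


def make_db():
    """Constructed sample data, not the plugin's real schema."""
    con = sqlite3.connect(":memory:")
    con.execute(
        "CREATE TABLE pdf_docs (id INTEGER PRIMARY KEY, filename TEXT, private INTEGER)"
    )
    con.executemany(
        "INSERT INTO pdf_docs VALUES (?, ?, ?)",
        [
            (1, "public-brochure.pdf", 0),
            (2, "public-datasheet.pdf", 0),
            (3, "board-minutes-confidential.pdf", 1),
        ],
    )
    return con


def parse_checked_vals(raw):
    """Split the request parameter into elements (assumed comma-separated)."""
    return [v.strip() for v in raw.split(",") if v.strip()]


def vulnerable_lookup(con, checked_vals_raw):
    """VULNERABLE: the raw list is interpolated into the IN (...) clause.

    The private = 0 filter is meant to keep confidential files out of the
    listing, but the attacker controls the text after "IN (" and can override it.
    """
    ids = ",".join(parse_checked_vals(checked_vals_raw))
    sql = (
        "SELECT id, filename FROM pdf_docs "
        f"WHERE private = 0 AND id IN ({ids}) ORDER BY id"
    )
    return con.execute(sql).fetchall()


def hardened_lookup(con, checked_vals_raw):
    """HARDENED: every element must be an integer; one bound placeholder each."""
    ids = []
    for v in parse_checked_vals(checked_vals_raw):
        if not (v.isascii() and v.isdigit()):
            raise ValueError(f"checkedVals element is not an integer id: {v!r}")
        ids.append(int(v))
    if not ids:
        return []
    placeholders = ",".join("?" * len(ids))
    sql = (
        "SELECT id, filename FROM pdf_docs "
        f"WHERE private = 0 AND id IN ({placeholders}) ORDER BY id"
    )
    return con.execute(sql, ids).fetchall()


# Constructed payload: closes the IN list, adds its own condition, and comments
# out the rest of the query with "--". A time-based probe against MySQL would
# use e.g. "1) AND IF(<condition>, SLEEP(5), 0) -- " in the same position.
BENIGN_INPUT = "1,2"
INJECTION_PAYLOAD = "1) OR private = 1 --"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable, benign:", vulnerable_lookup(db, BENIGN_INPUT))
    print("vulnerable, payload:", vulnerable_lookup(db, INJECTION_PAYLOAD))
    print("hardened, benign:", hardened_lookup(db, BENIGN_INPUT))
    try:
        hardened_lookup(db, INJECTION_PAYLOAD)
    except ValueError as exc:
        print("hardened, payload rejected:", exc)
```

In a WordPress plugin the equivalent hardening is to cast each element with intval() and pass the list to $wpdb->prepare() with one %d placeholder per element (for example implode(',', array_fill(0, count($ids), '%d'))); a single placeholder cannot bind a list, which is why list parameters are so often concatenated.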
Risk & Impact Analysis
Organizations using the Legoeso PDF Manager plugin face meaningful risk because the plugin's query runs under the site's single database credential: an attacker who can inject into it can read from any table that credential can reach, not just the plugin's own data. The blast radius is therefore the whole WordPress database, and the exposure is greatest on sites that grant Author or higher roles to people who are not fully trusted, such as multi-author blogs and community sites.
Given the medium CVSS score, organizations should weigh their actual exposure: whether the plugin is installed and whether untrusted users hold Author-level accounts. Where both are true, patching should be treated as a priority.
Organizations should address this vulnerability in their priority patch cycle. The absence of known active exploitation should not reduce the urgency, since the injection is straightforward once an Author-level account is available.
Exploitation Status
| Signal | Status |
|---|---|
| Known Exploit | No |
| Public PoC | No |
| Actively Exploited | No |
| Ransomware Use | No |
Affected Versions
All versions of the Legoeso PDF Manager plugin up to and including 1.2.2 are affected. Organizations should upgrade to a release later than 1.2.2 and confirm the fixed version against the plugin's changelog.
Mitigation & Remediation
Organizations should implement the following measures to mitigate the risk associated with this vulnerability:
1. Upgrade the Legoeso PDF Manager plugin to a release later than 1.2.2, or remove it if it is not needed.
2. For any custom code that builds SQL, bind every user-supplied value with $wpdb->prepare(); for list parameters such as a set of checked IDs, cast each element to an integer and generate one placeholder per element instead of concatenating the raw string.
3. Use a web application firewall as a stopgap to block requests whose parameters contain delay functions such as SLEEP() or BENCHMARK(); this reduces exposure but does not fix the underlying flaw.
4. Review which accounts hold Author or higher roles and remove privileges that are no longer needed, since the attack requires such an account.
5. Conduct regular security audits and penetration testing to identify similar input-handling flaws.
To validate the fix, confirm that the installed version is later than 1.2.2 and, in a test environment, verify that a checkedVals value carrying a delay payload no longer changes the response time.
Detection Guidance
To detect potential exploitation of this vulnerability, organizations should monitor for the following indicators:
1. Entries in the database's slow query log containing SLEEP() or BENCHMARK(): a time-based injection works by making the query deliberately slow, so the payload lands in exactly that log, provided long_query_time is set below the delay the attacker chooses.
2. Bursts of requests from a single Author-level account to the plugin's endpoints in which the checkedVals parameter changes on every request and contains SQL keywords or non-numeric characters, with response times alternating between normal and delayed.
3. Anomalies in database access patterns, particularly reads of sensitive tables by the web application outside its normal query profile.
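The following is an added detection example, not part of the original advisory. It scans constructed web-server access-log lines in combined format for requests whose checkedVals query parameter contains a delay function or anything other than a list of integers; the endpoint path, the "pdf_list" action name, IP addresses and timestamps are hypothetical. It assumes the parameter travels in the URL query string; if the plugin sends it in a POST body, a standard access log will not contain it and the same logic must run over WAF or request-body logs instead.

```python
import re
from collections import Counter
from urllib.parse import parse_qs, urlsplit

# Constructed sample lines in combined log format; hosts, paths and the
# "pdf_list" action name are hypothetical, not taken from the plugin.
SAMPLE_LOG = """\
203.0.113.10 - - [20/Feb/2025:10:01:02 +0000] "GET /wp-admin/admin-ajax.php?action=pdf_list&checkedVals=12,15 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.10 - - [20/Feb/2025:10:01:09 +0000] "GET /wp-admin/admin-ajax.php?action=pdf_list&checkedVals=12%29%20AND%20SLEEP%285%29--%20- HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.7 - - [20/Feb/2025:10:02:30 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 88 "-" "curl/8.4.0"
203.0.113.10 - - [20/Feb/2025:10:03:41 +0000] "GET /wp-admin/admin-ajax.php?action=pdf_list&checkedVals=12%20AND%20%28SELECT%20BENCHMARK%2810000000%2CMD5%281%29%29%29 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
"""

# Combined log format: client, identd, user, [timestamp], "request", status, bytes, ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) (?P<bytes>\S+)'
)

# Delay primitives used for time-based blind injection on common engines.
DELAY_RE = re.compile(r"\b(SLEEP|BENCHMARK|PG_SLEEP)\s*\(|\bWAITFOR\s+DELAY\b", re.I)

# What a legitimate checkedVals value is assumed to look like: integer IDs, comma-separated.
ID_LIST_RE = re.compile(r"\s*\d+(\s*,\s*\d+)*\s*")


def suspicious_checked_vals(value):
    """Return a reason if the decoded value looks like an injection attempt, else None."""
    if DELAY_RE.search(value):
        return "time-based SQL function"
    if not ID_LIST_RE.fullmatch(value):
        return "non-numeric checkedVals"
    return None


def scan_log(text):
    """Parse each line, pull checkedVals from the query string, and flag suspicious values."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        query = parse_qs(urlsplit(m.group("target")).query, keep_blank_values=True)
        # parse_qs percent-decodes, so "SLEEP%285%29" is matched as "SLEEP(5)".
        for raw in query.get("checkedVals", []):
            reason = suspicious_checked_vals(raw)
            if reason:
                findings.append(
                    {"ip": m.group("ip"), "ts": m.group("ts"), "reason": reason, "value": raw}
                )
    return findings


def probes_by_ip(findings):
    """Time-based extraction needs one request per bit, so count hits per source."""
    return Counter(f["ip"] for f in findings)


if __name__ == "__main__":
    hits = scan_log(SAMPLE_LOG)
    for h in hits:
        print(f"{h['ts']} {h['ip']} {h['reason']}: {h['value']!r}")
    print("probe counts:", dict(probes_by_ip(hits)))
```

The per-IP count matters more than any single hit: a working time-based extraction produces dozens to thousands of near-identical requests from one account, each differing only in the injected condition, which is a much stronger signal than one odd parameter value.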
AppSecure Threat Intelligence Insight
The Legoeso PDF Manager vulnerability is another instance of a recurring cause of SQL injection in WordPress plugins: custom queries assembled by string concatenation instead of $wpdb->prepare(). Security teams reviewing plugin code should treat any $wpdb->query() or $wpdb->get_results() call whose SQL is built from request data as a finding until shown otherwise.
Organizations should be aware of the broader trend in application vulnerabilities where attackers exploit similar weaknesses. For comprehensive security strategies, teams can refer to best practices in penetration testing methodology and related resources.
Additionally, organizations can enhance their defenses by participating in a vulnerability management program that continuously assesses and mitigates risks.
Finally, keeping abreast of cybersecurity trends through resources like the 2025 vulnerability exposure severity trends report can provide essential insights for proactive security measures.
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.