How severe is CVE-2025-23993?

CVE-2025-23993 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2025-23993

9.8CRITICAL

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RiceTheme Felan Framework felan-framework allows SQL Injection.This issue affects Felan Framework:

Published: 1/8/2026Updated: 1/8/2026

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RiceTheme Felan Framework felan-framework allows SQL Injection.This issue affects Felan Framework: from n/a through <= 1.1.3.

AI AnalysisPowered by AI

References

https://vdp.patchstack.com/database/Wordpress/Plugin/felan-framework/vulnerability/wordpress-felan-framework-plugin-1-1-3-sql-injection-vulnerability?_s_id=cve