CVE-2025-30810
📋 TL;DR
This SQL injection vulnerability in the Lead Form Data Collection to CRM WordPress plugin allows attackers to execute arbitrary SQL commands through form inputs. It affects all WordPress sites using this plugin from initial versions through 3.0.1. Successful exploitation could lead to data theft, modification, or complete database compromise.
💻 Affected Systems
- Lead Form Data Collection to CRM WordPress plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete database compromise including sensitive lead data, user credentials, and potential privilege escalation to full site control.
Likely Case
Data exfiltration of lead information, contact details, and potentially other WordPress database content.
If Mitigated
Limited impact if proper input validation and parameterized queries are implemented.
🎯 Exploit Status
Blind SQL injection requires more sophisticated exploitation but is still highly dangerous.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Version after 3.0.1
Restart Required: No
Instructions:
1. Log into WordPress admin panel
2. Navigate to Plugins → Installed Plugins
3. Find 'Lead Form Data Collection to CRM'
4. Click 'Update Now' if available
5. If no update available, deactivate and remove the plugin
🔧 Temporary Workarounds
Temporary Plugin Deactivation
WordPressDisable the vulnerable plugin until patched version is available
wp plugin deactivate wp-leads-builder-any-crm
🧯 If You Can't Patch
- Implement web application firewall (WAF) with SQL injection rules
- Restrict plugin access to trusted IP addresses only
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel → Plugins → Installed Plugins for 'Lead Form Data Collection to CRM' version 3.0.1 or earlierCheck Version:
wp plugin get wp-leads-builder-any-crm --field=versionVerify Fix Applied:
Verify plugin version is greater than 3.0.1 in WordPress admin📡 Detection & Monitoring
Log Indicators:
- Unusual SQL error messages in WordPress logs
- Multiple failed SQL queries from single IP
- Suspicious form submissions with SQL syntax
Network Indicators:
- HTTP POST requests containing SQL keywords to plugin endpoints
- Unusual database connection patterns
SIEM Query:
source="wordpress.log" AND ("SQL syntax" OR "mysql_error" OR "wpdb::prepare") AND "wp-leads-builder"