CVE-2025-10635

HIGH 7.7

Find Me On <= 2.0.9.1 - Subscriber+ SQL Injection

CVSS Score

7.7

EPSS Score

0.0%

EPSS Percentile

8th

The Find Me On WordPress plugin through 2.0.9.1 does not sanitize and escape a parameter before using it in a SQL statement, allowing subscribers and above to perform SQL injection attacks

Vendor	unknown
Product	find me on
Published	Oct 8, 2025
Last Updated	Apr 2, 2026

Stay Ahead of the Next One

Get instant alerts for unknown find me on

Be the first to know when new high vulnerabilities affecting unknown find me on are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Unknown / Find Me On

0 ≤ 2.0.9.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

wpscan.com: https://wpscan.com/vulnerability/92e965aa-45fc-4189-a341-1ecac656ebf3/

Credits

Khaled Alenazi (Nxploited) WPScan