{"id":51232,"date":"2025-06-13T08:42:32","date_gmt":"2025-06-13T08:42:32","guid":{"rendered":""},"modified":"2025-09-07T11:38:27","modified_gmt":"2025-09-07T17:38:27","slug":"cve-2025-28986-csrf-vulnerability-in-webaholicson-epicwin-plugin-allowing-sql-injection","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-28986-csrf-vulnerability-in-webaholicson-epicwin-plugin-allowing-sql-injection\/","title":{"rendered":"<strong>CVE-2025-28986: CSRF Vulnerability in Webaholicson Epicwin Plugin Allowing SQL Injection<\/strong>"},"content":{"rendered":"<p><strong>Overview<\/strong><\/p>\n<p>CVE-2025-28986 is a critical Cross-Site Request Forgery (CSRF) vulnerability found in the Webaholicson Epicwin Plugin that can lead to SQL Injection attacks. This vulnerability is of particular concern to individuals and organizations utilizing the Epicwin Plugin version 1.5 and earlier. A successful exploit of this <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-3260-security-vulnerability-in-grafana-api-endpoints-leading-to-permission-bypass\/\"  data-wpil-monitor-id=\"57652\">vulnerability could potentially compromise the entire system or lead<\/a> to significant data leakage.<br \/>\nGiven its high Common <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-22040-race-condition-vulnerability-in-linux-kernel-resulting-in-potential-system-compromise\/\"  data-wpil-monitor-id=\"57880\">Vulnerability Scoring System<\/a> (CVSS) score of 8.2, it is essential to address this vulnerability promptly. A successful attack could have severe consequences, including <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2021-47668-linux-kernel-vulnerability-leading-to-potential-system-compromise-or-data-leakage\/\"  data-wpil-monitor-id=\"57653\">system compromise and potential data<\/a> leakage.<\/p>\n<p><strong>Vulnerability Summary<\/strong><\/p>\n<p>CVE ID: CVE-2025-28986<br \/>\nSeverity: High (8.2 CVSS Score)<br \/>\nAttack Vector: Network<br \/>\nPrivileges Required: None<br \/>\nUser Interaction: Required<br \/>\nImpact: <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-22041-linux-kernel-vulnerability-in-ksmbd-sessions-deregister-may-lead-to-potential-system-compromise\/\"  data-wpil-monitor-id=\"57916\">System compromise and potential<\/a> data leakage<\/p>\n<p><strong>Affected Products<\/strong><\/p><div id=\"ameeb-2580030120\" class=\"ameeb-content-2 ameeb-entity-placement\"><div style=\"border-left: 4px solid #555; padding-left: 20px; margin: 48px 0; font-family: Roboto, sans-serif; color: #ffffff; line-height: 1.6; max-width: 700px;\">\r\n  <h2 style=\"margin-top: 0; font-size: 20px; font-weight: 600; display: flex; align-items: center;\">\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\" style=\"display: inline-flex; align-items: center; margin-right: 8px;\">\r\n      <img decoding=\"async\" src=\"https:\/\/www.ameeba.com\/blog\/wp-content\/uploads\/2025\/10\/Best-App-icon-Ameeba.png\" alt=\"Ameeba Chat Icon\" style=\"width: 40px; height: 40px;\" \/>\r\n    <\/a>\r\n    A new way to communicate\r\n  <\/h2>\r\n\r\n  <p style=\"margin-bottom: 12px;\">\r\n    Ameeba Chat is built on encrypted identity, not personal profiles.\r\n  <\/p>\r\n\r\n  <p style=\"margin-bottom: 16px;\">\r\n    Message, call, share files, and coordinate with identities kept separate.\r\n  <\/p>\r\n\r\n  <ul style=\"list-style: none; padding-left: 0; margin-bottom: 20px;\">\r\n    <li>\u2022 Encrypted identity<\/li>\r\n    <li>\u2022 Ameeba Chat authenticates access<\/li>\r\n    <li>\u2022 Aliases and categories<\/li>\r\n    <li>\u2022 End-to-end encrypted chat, calls, and files<\/li>\r\n    <li>\u2022 Secure notes for sensitive information<\/li>\r\n  <\/ul>\r\n\r\n  <p style=\"font-style: italic; font-weight: 600; margin-bottom: 24px;\">\r\n    Private communication, rethought.\r\n  <\/p>\r\n\r\n  <div style=\"display: flex; flex-wrap: wrap; gap: 12px;\">\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\/download\" style=\"background-color: #ffffff; color: #000000; padding: 10px 20px; text-decoration: none; border-radius: 6px; font-weight: 500;\">Download Ameeba Chat<\/a>\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\" style=\"border: 1px solid #ffffff; color: #ffffff; padding: 10px 20px; text-decoration: none; border-radius: 6px; font-weight: 500;\">Learn More<\/a>\r\n  <\/div>\r\n<\/div>\r\n<\/div>\n<p>Product | Affected Versions<\/p>\n<p>Webaholicson Epicwin Plugin | versions up to and including 1.5<\/p>\n<p><strong>How the Exploit Works<\/strong><\/p>\n<p>The CSRF vulnerability in the <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2024-57783-xss-vulnerability-in-dot-desktop-application-allows-command-execution\/\"  data-wpil-monitor-id=\"57441\">Epicwin Plugin allows<\/a> an attacker to trick a user into triggering an unintended action in the application, leading to SQL Injection. The attacker can use this <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-21480-memory-corruption-vulnerability-in-gpu-micronode-leads-to-unauthorized-command-execution\/\"  data-wpil-monitor-id=\"58496\">vulnerability to issue commands<\/a> that the application&#8217;s database understands and manipulates data accordingly. This <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-37093-severe-authentication-bypass-vulnerability-in-hpe-storeonce-software\/\"  data-wpil-monitor-id=\"57945\">vulnerability can be exploited if the user is authenticated<\/a> and has specific privileges that the attacker can abuse.<\/p>\n<p><strong>Conceptual Example Code<\/strong><\/p><div id=\"ameeb-2477622644\" class=\"ameeb-content ameeb-entity-placement\"><div class=\"poptin-embedded\" data-id=\"f6b387694f681\"><\/div>\r\n\r\n\r\n\r\n\r\n\r\n<\/div>\n<p>This conceptual example shows how a CSRF attack might be performed using a maliciously crafted <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-6162-critical-buffer-overflow-vulnerability-in-totolink-ex1200t-http-post-request-handler\/\"  data-wpil-monitor-id=\"80017\">HTTP request<\/a>.<\/p>\n<pre><code class=\"\" data-line=\"\">POST \/vulnerable\/endpoint HTTP\/1.1\nHost: target.example.com\nContent-Type: application\/json\n{\n&quot;csrf_payload&quot;: &quot;&#039;; DROP TABLE users;--&quot;\n}<\/code><\/pre>\n<p>In this example, if the request is processed by the server, it can lead to <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-46154-sql-time-injection-vulnerability-in-foxcms-v1-25\/\"  data-wpil-monitor-id=\"58513\">SQL Injection<\/a>, causing the &#8216;users&#8217; table to be dropped from the database.<\/p>\n<p><strong>Countermeasures<\/strong><\/p>\n<p>The most effective solution to this <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-49002-critical-vulnerability-in-dataease-bypassing-patch-for-cve-2025-32966\/\"  data-wpil-monitor-id=\"59300\">vulnerability is applying the vendor-supplied patch<\/a>. If a patch cannot be applied immediately, using a Web Application Firewall (WAF) or an Intrusion Detection System (IDS) can provide temporary mitigation against <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2024-7457-macos-authorization-model-exploit-leading-to-potential-mitm-attacks\/\"  data-wpil-monitor-id=\"80016\">potential exploit<\/a> attempts. Regularly updating and patching <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-41646-critical-authentication-bypass-vulnerability-in-affected-software-packages\/\"  data-wpil-monitor-id=\"59299\">software can prevent many similar vulnerabilities<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Overview CVE-2025-28986 is a critical Cross-Site Request Forgery (CSRF) vulnerability found in the Webaholicson Epicwin Plugin that can lead to SQL Injection attacks. This vulnerability is of particular concern to individuals and organizations utilizing the Epicwin Plugin version 1.5 and earlier. A successful exploit of this vulnerability could potentially compromise the entire system or lead [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"footnotes":""},"categories":[1],"tags":[],"vendor":[],"product":[],"attack_vector":[90,74],"asset_type":[],"severity":[],"exploit_status":[],"class_list":["post-51232","post","type-post","status-publish","format-standard","hentry","category-uncategorized","attack_vector-csrf","attack_vector-sql-injection"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/51232","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/comments?post=51232"}],"version-history":[{"count":9,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/51232\/revisions"}],"predecessor-version":[{"id":72440,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/51232\/revisions\/72440"}],"wp:attachment":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/media?parent=51232"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/categories?post=51232"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/tags?post=51232"},{"taxonomy":"vendor","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/vendor?post=51232"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/product?post=51232"},{"taxonomy":"attack_vector","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/attack_vector?post=51232"},{"taxonomy":"asset_type","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/asset_type?post=51232"},{"taxonomy":"severity","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/severity?post=51232"},{"taxonomy":"exploit_status","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/exploit_status?post=51232"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}