EUVD-2025-32262

🗓️ 03 Oct 2025 11:17:17Reported by EUVDType

Blappsta Mobile App Plugin for WordPress has SQL injection via nh_ynaa_comments() up to 0.8.8.8.

Reporter	Title	Published	Views	Family All 10
CNNVD	WordPress plugin Blappsta Mobile App SQL注入漏洞	3 Oct 202500:00	–	cnnvd
CNVD	WordPress Blappsta Mobile App plugin SQL Injection Vulnerability	13 Oct 202500:00	–	cnvd
CVE	CVE-2025-9200	3 Oct 202511:17	–	cve
Cvelist	CVE-2025-9200 Blappsta Mobile App Plugin – Your native, mobile iPhone App and Android App <= 0.8.8.8 - Unauthenticated SQL Injection	3 Oct 202511:17	–	cvelist
NVD	CVE-2025-9200	3 Oct 202512:15	–	nvd
Patchstack	WordPress Blappsta Mobile App Plugin – Your native, mobile iPhone App and Android App plugin <= 0.8.8.8 - Unauthenticated SQL Injection vulnerability	3 Oct 202500:49	–	patchstack
Positive Technologies	PT-2025-40487	3 Oct 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-9200	4 Oct 202511:53	–	redhatcve
Vulnrichment	CVE-2025-9200 Blappsta Mobile App Plugin – Your native, mobile iPhone App and Android App <= 0.8.8.8 - Unauthenticated SQL Injection	3 Oct 202511:17	–	vulnrichment
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (September 29, 2025 to October 5, 2025)	9 Oct 202514:29	–	wordfence

[
  {
    "enisaIdVendor": [
      {
        "id": "8327fca2-893b-3593-b78c-2da874c45bc7",
        "vendor": {
          "name": "nebelhorn"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "315160ac-f6d7-36af-a39d-1eeaf013622f",
        "product": {
          "name": "Blappsta Mobile App Plugin – Your native, mobile iPhone App and Android App"
        },
        "product_version": "* ≤0.8.8.8"
      }
    ]
  }
]

Source	Link
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/9169931c-a679-4801-b33b-08c4f464dc43
wordpress	www.wordpress.org/plugins/yournewsapp/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-9200

03 Oct 2025 18:15Current

6.2Medium risk

Vulners AI Score6.2

CVSS 3.17.5

EPSS0.00108

SSVC