CVE-2022-0785 — AI Deep Analysis Summary

🚨 **Essence**: SQL Injection (SQLi) in 'Daily Prayer Time' plugin. 📉 **Consequences**: Attackers can steal, modify, or delete database content. 💥 **Impact**: Full compromise of the WordPress site's data integrity.

🛡️ **CWE**: CWE-89 (SQL Injection). 🔍 **Flaw**: The plugin fails to sanitize/escape the `month` parameter. 📝 **Context**: This happens inside the `get_monthly_timetable` AJAX action before using it in a SQL statement.

📦 **Product**: WordPress Plugin 'Daily Prayer Time'. 📅 **Affected Versions**: Versions prior to **2022.03.01**. 🌐 **Platform**: WordPress sites running this specific plugin.

💀 **Hackers Can**: Execute arbitrary SQL commands. 🗄️ **Data Access**: Read sensitive database info (users, configs). ✏️ **Actions**: Modify or delete critical site data. 🚪 **Access**: No login required!

🔓 **Auth**: **Unauthenticated**. 🚀 **Threshold**: **LOW**. Anyone on the internet can trigger the `get_monthly_timetable` AJAX endpoint. No credentials needed to start exploitation.

📜 **PoC Available**: Yes. 🔗 **Source**: Nuclei templates (projectdiscovery). 🌍 **Wild Exploit**: High risk due to low barrier to entry. Automated scanners likely detect this.

🔍 **Check**: Scan for the plugin 'Daily Prayer Time'. 🧪 **Test**: Trigger `get_monthly_timetable` AJAX with malicious `month` payloads. 🛠️ **Tool**: Use Nuclei or SQLMap to verify the injection point.

🔧 **Fix**: Upgrade to version **2022.03.01** or later. ✅ **Status**: Patched. The developers fixed the sanitization issue in the newer release.

🚫 **No Patch?**: Disable the plugin immediately. 🛑 **Mitigation**: Block access to `admin-ajax.php` if possible, or use a WAF to filter SQLi patterns in the `month` parameter.

⚡ **Priority**: **HIGH**. 📢 **Reason**: Unauthenticated access makes it easy to exploit. 📅 **Age**: Published in 2022, but still relevant for unpatched legacy sites. Act now!