This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: Unauthenticated SQL Injection (SQLi) in WordPress plugin 'Email Subscribers'. π₯ **Consequences**: Attackers can bypass authentication and manipulate the database.β¦
π‘οΈ **Root Cause**: CWE-89 (SQL Injection). π **Flaw**: Insufficient escaping of user-supplied parameters and inadequate preparation of SQL queries. Specifically, the `hash` parameter is exploited.
Q3Who is affected? (Versions/Components)
π¦ **Affected**: WordPress Plugin: Email Subscribers & Newsletters. π’ **Vendor**: Icegram. π **Versions**: Version 5.7.20 and earlier.
Q4What can hackers do? (Privileges/Data)
π **Attacker Capabilities**: Full database access. π **Data Impact**: High Confidentiality, Integrity, and Availability impact (CVSS: H/H/H). π **Privileges**: Unauthenticated access means anyone on the internet can explβ¦
π **Exploitation**: YES, Public PoCs exist. π **Sources**: GitHub repositories (e.g., truonghuuphuc, cve-2024, TgHook) and ProjectDiscovery Nuclei templates. π₯ **Status**: Actively exploitable via the `hash` parameter.
Q7How to self-check? (Features/Scanning)
π **Self-Check**: Scan for the plugin 'Email Subscribers' by Icegram. π **Version Check**: Verify if version is <= 5.7.20. π§ͺ **Test**: Use Nuclei templates or manual PoC scripts targeting the `hash` parameter in subscripβ¦
π§ **No Patch?**: Disable the plugin immediately if possible. π‘οΈ **WAF**: Implement Web Application Firewall rules to block SQL injection patterns in the `hash` parameter. π **Access Control**: Restrict access to WordPresβ¦
π₯ **Urgency**: CRITICAL. β οΈ **Priority**: P1. π’ **Reason**: Unauthenticated, high impact, and public exploits are available. Immediate patching is required to prevent data breaches.