CVE-2024-5756 — AI Deep Analysis Summary

🚨 **Essence**: Time-based SQL Injection via `db` parameter. 💥 **Consequences**: Full database compromise, data theft, and system takeover. Critical impact on Confidentiality, Integrity, and Availability.

🛡️ **Root Cause**: CWE-89 (SQL Injection). 🐛 **Flaw**: Unsanitized input in the `db` parameter within `class-es-db-contacts.php`. Allows attackers to inject malicious SQL commands.

📦 **Affected**: WordPress Plugin: **Email Subscribers by Icegram Express**. 📉 **Version**: v5.7.23 and **earlier** versions. 🌐 **Vendor**: Icegram.

👮 **Privileges**: No authentication required (PR:N). 📊 **Data**: High impact (C:H, I:H, A:H). Hackers can read, modify, or delete all database contents. 💾 **Scope**: User data, emails, and plugin settings exposed.

⚡ **Threshold**: LOW. 🚫 **Auth**: None required (PR:N). 🖱️ **UI**: None required (UI:N). 🌍 **Network**: Remote (AV:N). 🎯 **Complexity**: Low (AC:L). Easy to exploit for anyone.

📜 **Public Exp?**: No specific PoC code provided in data. 🔍 **References**: WordFence and WordPress Trac links available. ⚠️ **Status**: CVSS 8.6 indicates high exploitability potential, even without public code.

🔍 **Check**: Scan for plugin **Email Subscribers by Icegram Express**. 📋 **Version**: Verify if version ≤ 5.7.23. 🛠️ **Tool**: Use vulnerability scanners detecting CWE-89 in WordPress plugins.…

✅ **Fixed**: Yes. 📅 **Date**: Published 2024-06-21. 🔄 **Patch**: Update to latest version via WordPress Trac changeset 3101638. 🛡️ **Action**: Immediate update recommended.

🚧 **Workaround**: If update delayed, **disable** the plugin immediately. 🚫 **Remove**: Delete plugin files if not needed. 🛡️ **WAF**: Use Web Application Firewall to block SQL injection patterns in `db` parameter.…

🔥 **Urgency**: CRITICAL. 🚨 **Priority**: P1 (Immediate Action). 📉 **CVSS**: 8.6 (High). 🏃 **Action**: Patch NOW. No auth needed makes this a high-priority target for automated bots.