This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: A critical SQL Injection (SQLi) flaw in the WordPress **Quiz Maker** plugin.β¦
π‘οΈ **Root Cause**: **CWE-89** (Improper Neutralization of Special Elements used in an SQL Command). The plugin fails to properly escape the `ays_questions` parameter before using it in SQL queries. π
Q3Who is affected? (Versions/Components)
π¦ **Affected**: **WordPress Plugin: Quiz Maker** by vendor **ays-pro**. π **Versions**: All versions **β€ 6.5.8.3**. If you are running this or older, you are at risk!
Q4What can hackers do? (Privileges/Data)
π΅οΈ **Attacker Capabilities**: Unauthenticated access allows appending malicious SQL queries. π **Impact**: High risk of extracting sensitive data (user credentials, site config) directly from the database.β¦
π **Threshold**: **LOW**. No authentication (PR:N) is required. π Network access (AV:N) and Low complexity (AC:L) make this extremely easy to exploit for anyone with internet access to the target site.
Q6Is there a public Exp? (PoC/Wild Exploitation)
π£ **Public Exploits**: **YES**. Multiple PoCs are available on GitHub (e.g., `truonghuuphuc/CVE-2024-6028-Poc`) and Nuclei templates. β οΈ Wild exploitation is highly likely given the simplicity of the flaw.
Q7How to self-check? (Features/Scanning)
π **Self-Check**: Use automated scanners like **Nuclei** with the specific CVE-2024-6028 template. π§ͺ Manually test the `ays_questions` parameter for time-based SQL injection responses.β¦
π§ **No Patch Workaround**: If you cannot update, disable the Quiz Maker plugin entirely. π Implement a WAF (Web Application Firewall) rule to block SQL injection patterns in the `ays_questions` parameter.β¦
π₯ **Urgency**: **CRITICAL**. π¨ CVSS Vector `AV:N/AC:L/PR:N` means it's remote, easy, and free to exploit. Patch immediately to prevent data breaches. Do not ignore this!