Skip to main content

Quotes Llama CVE-2026-12512

| EUVDEUVD-2026-44595 HIGH
SQL Injection (CWE-89)
2026-07-15 WPScan GHSA-ggv5-9w8q-wh8j
8.6
CVSS 3.1 · Vendor: WPScan
Share

Severity by source

Vendor (WPScan) PRIMARY
8.6 HIGH
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
vuln.today AI
7.5 HIGH

Unauthenticated network SQLi (AV:N/AC:L/PR:N/UI:N) reads arbitrary DB data (C:H) but does not write or disrupt (I:N/A:N); DB is within the app's authority so S:U.

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (WPScan).

CVSS VectorVendor: WPScan

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

5
Analysis Generated
Jul 15, 2026 - 11:23 vuln.today
CVSS changed
Jul 15, 2026 - 11:22 NVD
8.6 (HIGH)
Patch available
Jul 15, 2026 - 07:02 EUVD
CVE Published
Jul 15, 2026 - 06:00 cve.org
HIGH 8.6
CVE Published
Jul 15, 2026 - 06:00 cve.org
UNKNOWN (no severity yet)

DescriptionCVE.org

The Quotes llama WordPress plugin before 3.1.6 does not properly sanitize and escape a user-supplied parameter before using it in a SQL query, allowing unauthenticated attackers to perform UNION-based SQL injection and read arbitrary data from the database, including password hashes.

AnalysisAI

UNION-based SQL injection in the Quotes Llama WordPress plugin (all versions before 3.1.6) lets unauthenticated remote attackers inject arbitrary SQL through an unsanitized request parameter and read any data from the WordPress database, including user password hashes. Publicly available exploit code exists and a vendor patch has been released; the flaw carries a high EPSS-relevant profile because it is remotely reachable with no authentication or user interaction. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Identify WordPress site running Quotes Llama <3.1.6
Delivery
Send crafted request with UNION SQL payload
Exploit
Injected query executes against database
Execution
Exfiltrate wp_users password hashes
Impact
Crack hashes for account takeover

Vulnerability AssessmentAI

Exploitation No special conditions - remote unauthenticated exploitation against default configurations of the Quotes Llama WordPress plugin (versions before 3.1.6), because the CVSS vector is AV:N/AC:L/PR:N/UI:N with no authentication or user interaction required. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N) confirms trivial remote exploitability with no privileges or user interaction, and the impact is scoped to confidentiality (C:H, I:N, A:N) - reading data, not modifying it. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An unauthenticated attacker sends a single crafted HTTP request to a WordPress site running Quotes Llama below 3.1.6, injecting a UNION-based payload into the vulnerable parameter. The response returns data from an appended SELECT, allowing the attacker to dump the wp_users table and harvest usernames and password hashes for offline cracking. …
Remediation Vendor-released patch: update the Quotes Llama plugin to version 3.1.6 or later, which is the primary and complete fix. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours, inventory all WordPress installations and identify those running the Quotes Llama plugin via admin dashboard or automated scanning tools. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-12512 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy