EUVD-2026-14016
GHSA-ghq8-9c7r-622r
GHSA-hh8v-hgvp-g3f5
GHSA-jp2q-39xq-3w4g
GHSA-ph8x-4jfv-v9v8
GHSA-rfx7-8w68-q57q
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
4Description
The CMS Commander plugin for WordPress is vulnerable to SQL Injection via the 'or_blogname', 'or_blogdescription', and 'or_admin_email' parameters in all versions up to, and including, 2.288. This is due to insufficient escaping on the user supplied parameters and lack of sufficient preparation on the existing SQL queries in the restore workflow. This makes it possible for authenticated attackers, with CMS Commander API key access, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Analysis
The CMS Commander plugin for WordPress contains an SQL Injection vulnerability in all versions up to and including 2.288. Authenticated attackers with API key access can exploit the 'or_blogname', 'or_blogdescription', and 'or_admin_email' parameters in the restore workflow to append malicious SQL queries and extract sensitive database information. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Audit all users with API key access and document current CMS Commander plugin versions in use. Within 7 days: Implement network segmentation to restrict API access, deploy WAF rules to filter malicious SQL patterns in the affected parameters, and disable the restore workflow feature if operationally feasible. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today