Severity by source
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
Remote unauthenticated SQLi in a WordPress plugin warrants AV:N/AC:L/PR:N/UI:N; I assess S:U and I:H because injection in the same wp database typically allows reads and writes without crossing a security authority.
Primary rating from Vendor (Patchstack).
CVSS VectorVendor: Patchstack
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
Lifecycle Timeline
1DescriptionCVE.org
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VillaTheme GIFT4U allows Blind SQL Injection.
This issue affects GIFT4U: from n/a through 1.0.10.
AnalysisAI
Blind SQL injection in the VillaTheme GIFT4U WordPress plugin (versions through 1.0.10) allows remote unauthenticated attackers to inject arbitrary SQL into backend queries via unsanitized user input. The CVSS 9.3 score reflects a scope-changed impact with high confidentiality loss and partial availability impact, though no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires only that a WordPress site has the VillaTheme GIFT4U plugin installed and activated at version 1.0.10 or earlier, with the vulnerable endpoint reachable over HTTP/HTTPS - consistent with the CVSS AV:N/AC:L/PR:N/UI:N vector. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L) describes a fully remote, unauthenticated, low-complexity attack with scope change and high confidentiality impact - a profile that normally maps to mass-scannable WordPress plugin exploitation. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker scans WordPress sites for the GIFT4U plugin signature, then sends crafted HTTP requests to a vulnerable gift-card lookup or redemption endpoint with boolean- or time-based SQL payloads in a parameter such as a gift code or order ID. Because the injection is blind, the attacker uses sqlmap or a custom script to enumerate wp_users password hashes, secret keys from wp_options, and customer PII over many requests. … |
| Remediation | No vendor-released patch identified at time of analysis - the Patchstack advisory documents the issue through version 1.0.10 without naming a fixed release, so administrators should monitor https://patchstack.com/database/wordpress/plugin/gift4u-gift-cards-all-in-one-for-woo/vulnerability/wordpress-gift4u-plugin-1-0-10-sql-injection-vulnerability and VillaTheme's changelog for an update beyond 1.0.10 and apply it immediately when released. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify all WordPress instances using GIFT4U v1.0.10 or earlier; immediately deactivate and remove the plugin; review database logs for suspicious SQL patterns. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-89 – SQL Injection
View allShare
External POC / Exploit Code
Leaving vuln.today