Severity by source
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
Network-reachable, low-complexity SQLi needing a Contributor account (PR:L); confidentiality high from DB read, scope unchanged within the WordPress DB, integrity/availability impact not established.
Primary rating from Vendor (patchstack).
CVSS VectorVendor: patchstack
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
Lifecycle Timeline
1DescriptionCVE.org
Contributor SQL Injection in WP Post Author <= 3.9.1 versions.
AnalysisAI
SQL injection in the WP Post Author WordPress plugin (versions 3.9.1 and earlier) allows authenticated users with Contributor-level access to inject arbitrary SQL into the site database. Because exploitation requires only a low-privilege account (PR:L) over the network with no user interaction, any site that permits self-registration or has untrusted contributors is at material risk of database content disclosure. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires an authenticated WordPress account at Contributor privilege level or higher (CVSS PR:L) on a site running WP Post Author version 3.9.1 or earlier; the attack is performed remotely over the network (AV:N) with low complexity (AC:L) and no victim interaction (UI:N). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The supplied CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L, base 8.5) indicates an easily reachable, low-privilege, high-confidentiality issue, consistent with a Contributor-triggered SQLi. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker registers or obtains a Contributor account on a WordPress site running WP Post Author <= 3.9.1, then submits a crafted value to the plugin's vulnerable parameter that injects SQL into a backend query. The injection is used to extract sensitive rows - for example password hashes and secret keys from wp_users/wp_usermeta - enabling further account compromise. … |
| Remediation | Upgrade WP Post Author to the latest release above 3.9.1 once confirmed via the Patchstack advisory (https://patchstack.com/database/wordpress/plugin/wp-post-author/vulnerability/wordpress-wp-post-author-plugin-3-9-1-sql-injection-vulnerability?_s_id=cve); the input data does not specify an exact fixed version, so the patched build should be verified against the vendor/Patchstack listing before deployment. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Inventory all deployments of WP Post Author plugin, identify active versions, and audit contributor account controls. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-89 – SQL Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-39758
GHSA-chrq-mj9q-326j