Severity by source
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
Network-reachable SQLi requiring the Sales Representative role (PR:L) with no user interaction; scope changes to the shared DB, high confidentiality, no integrity, low availability per vendor data.
Primary rating from Vendor (patchstack).
CVSS VectorVendor: patchstack
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
Lifecycle Timeline
1DescriptionCVE.org
Sales Representative SQL Injection in Groundhogg <= 4.5 versions.
AnalysisAI
SQL injection in the Groundhogg WordPress CRM/marketing-automation plugin (versions <= 4.5) allows an authenticated low-privileged user holding the Sales Representative role to inject arbitrary SQL into a database query, exposing sensitive data across the WordPress installation. The CVSS 3.1 base score is 8.5 (High) with a scope change, reflecting that compromise of the plugin's data layer reaches beyond its own privilege boundary. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires an authenticated account with the Groundhogg Sales Representative role (PR:L) - this is the concrete limiting prerequisite named in the description; the bug is not reachable by anonymous/unauthenticated visitors. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The supplied CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L, score 8.5) indicates network-reachable, low-complexity exploitation requiring low privileges and no user interaction, with high confidentiality impact, no integrity impact, and low availability impact across a changed scope. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who has obtained or been granted a Sales Representative account in Groundhogg sends a crafted request to the vulnerable plugin functionality, embedding malicious SQL into a parameter that is concatenated into a backend query. Because the flaw permits high-confidentiality impact with a changed scope, the attacker extracts sensitive data such as other contacts' records, WordPress user details, or password hashes from the shared database. … |
| Remediation | No vendor-released patch version is identified in the supplied data; the only reference is the Patchstack database entry (https://patchstack.com/database/wordpress/plugin/groundhogg/vulnerability/wordpress-groundhogg-plugin-4-5-sql-injection-vulnerability?_s_id=cve), which should be checked for the fixed release, and administrators should update Groundhogg to the latest available version above 4.5 once confirmed by the vendor. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify all Groundhogg installations, document versions, and restrict Sales Representative role to essential personnel only. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-89 – SQL Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-39671
GHSA-5972-j8hw-jxcr