Severity by source
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
Network-reachable WordPress endpoint, low complexity, requires Subscriber auth (PR:L), no user interaction; SQLi reads cross-component data (Scope:Changed, C:H) with no integrity write and limited availability impact.
Primary rating from Vendor (Patchstack).
CVSS VectorVendor: Patchstack
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
Lifecycle Timeline
1DescriptionCVE.org
Subscriber SQL Injection in Geo Mashup <= 1.13.19 versions.
AnalysisAI
SQL injection in the Geo Mashup WordPress plugin (versions <= 1.13.19) allows authenticated users with Subscriber-level privileges to inject arbitrary SQL queries via unsanitized input, leading to confidentiality compromise and limited availability impact across other WordPress components. No public exploit identified at time of analysis, but the low privilege barrier (any registered subscriber) on a widely-deployed plugin class makes this a meaningful risk for WordPress sites with open registration. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Requires (1) the Geo Mashup plugin version 1.13.19 or earlier installed and activated on a WordPress site, and (2) the attacker holding at least a WordPress Subscriber-level authenticated session (PR:L per CVSS vector) - achievable on any site permitting user registration (comments, WooCommerce customers, membership sites, BuddyPress, etc.). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L) yields 8.5 (High), driven primarily by the Scope:Changed and Confidentiality:High metrics - typical of SQLi that can read wp_users password hashes and secrets across the WordPress database. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker registers a free Subscriber account on a WordPress site that has Geo Mashup <= 1.13.19 installed and open registration enabled, then sends a crafted request to a vulnerable Geo Mashup endpoint with SQL payload embedded in a parameter. The injected query exfiltrates contents of wp_users (including password hashes), wp_options (including site secrets and API keys), and potentially session tokens, which the attacker then cracks offline or uses to pivot to administrative access. |
| Remediation | Upgrade Geo Mashup to a version newer than 1.13.19 as released by the maintainer - consult the Patchstack advisory at https://patchstack.com/database/wordpress/plugin/geo-mashup/vulnerability/wordpress-geo-mashup-plugin-1-13-19-sql-injection-vulnerability for the exact patched version, as no vendor-released patch version was identified at time of analysis in the input. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Inventory all WordPress instances running Geo Mashup plugin ≤1.13.19 and document whether public subscriber registration is enabled. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Geo Mashup
View allThe Geo Mashup plugin before 1.10.4 for WordPress has insufficient sanitization of post editor and other user input. Rat
Stored XSS in the Geo Mashup WordPress plugin (versions through 1.13.18) allows authenticated low-privileged users to pe
Cross-site scripting (XSS) vulnerability in the geo search widget in the Geo Mashup plugin before 1.8.3 for WordPress al
Same weakness CWE-89 – SQL Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-37612