Skip to main content

Amelia EUVDEUVD-2026-43359

| CVE-2026-57702 CRITICAL
SQL Injection (CWE-89)
2026-07-13 Patchstack
9.3
CVSS 3.1 · Vendor: Patchstack
Share

Severity by source

Vendor (Patchstack) PRIMARY
9.3 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
vuln.today AI
7.5 HIGH

Network-reachable blind SQLi with no auth per source vector, primarily confidentiality (data read); no integrity/availability impact and no cross-boundary scope change evident, so S:N/I:N/A:N.

3.1 AV:N/AC:L/PR:N/UI:N/S:N/C:H/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (Patchstack).

CVSS VectorVendor: Patchstack

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
None
Availability
Low

Lifecycle Timeline

2
Analysis Generated
Jul 13, 2026 - 10:51 vuln.today
CVE Published
Jul 13, 2026 - 08:41 cve.org
CRITICAL 9.3

DescriptionCVE.org

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Melograno Venture Studio Amelia ameliabooking allows Blind SQL Injection.This issue affects Amelia: from n/a through <= 2.4.2.

AnalysisAI

Blind SQL injection in the Amelia booking plugin for WordPress (Melograno Venture Studio) affects all versions from unknown initial release through 2.4.2, allowing remote attackers to inject crafted SQL into database queries and extract sensitive data via boolean/time-based inference. The CVSS 9.3 vector (AV:N/PR:N) indicates network-reachable exploitation without authentication, though this is a Patchstack-reported issue with no public exploit and no CISA KEV listing at time of analysis. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Reach public Amelia booking endpoint
Delivery
Inject blind SQL payload in parameter
Exploit
Infer results via boolean/time responses
Execution
Iterate to extract database rows
Impact
Exfiltrate customer PII and credentials

Vulnerability AssessmentAI

Exploitation Exploitation targets the Amelia plugin's booking request handling (its admin-ajax.php actions / wp-json Amelia REST endpoints) on any WordPress site running version 2.4.2 or earlier. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The signals are mixed and should temper the raw 9.3 score. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker sends crafted requests to Amelia's public booking AJAX/REST endpoints, embedding blind SQL injection payloads (boolean or time-based) into a vulnerable parameter. By observing differences in response behavior or induced delays, the attacker iteratively reconstructs database contents such as customer PII, booking records, or WordPress user password hashes. …
Remediation No vendor-released patch version is identified in the provided data, so the primary action is to consult the Patchstack advisory (https://patchstack.com/database/Wordpress/Plugin/ameliabooking/vulnerability/wordpress-amelia-plugin-2-4-2-sql-injection-vulnerability) and upgrade Amelia to the first release published after 2.4.2 that Patchstack/Melograno designates as fixed; do not assume 2.4.2 is safe. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours, inventory all WordPress instances to identify Amelia plugin deployments and current versions. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

More in Amelia

View all
CVE-2022-0687 HIGH POC
8.8 Mar 21

The Amelia WordPress plugin before 1.0.47 stores image blobs into actual files whose extension is controlled by the user

CVE-2022-0627 MEDIUM POC
6.1 Mar 21

The Amelia WordPress plugin before 1.0.47 does not sanitize and escape the code parameter before outputting it back in a

CVE-2024-22298 CRITICAL
9.8 Jun 10

Missing Authorization vulnerability in TMS Amelia ameliabooking.0.98. Rated critical severity (CVSS 9.8), this vulnerabi

CVE-2022-0837 MEDIUM POC
5.4 Apr 04

The Amelia WordPress plugin before 1.0.48 does not have proper authorisation when handling Amelia SMS service, allowing

CVE-2022-0825 MEDIUM POC
5.4 Apr 04

The Amelia WordPress plugin before 1.0.49 does not have proper authorisation when managing appointments, allowing any cu

CVE-2022-0720 MEDIUM POC
5.4 Mar 28

The Amelia WordPress plugin before 1.0.47 does not have proper authorisation when managing appointments, allowing any cu

CVE-2026-48889 HIGH
8.8 Jun 15

Privilege escalation in the Amelia booking plugin for WordPress (versions 2.3 and earlier) allows an authenticated low-p

CVE-2022-0616 MEDIUM POC
4.3 Mar 21

The Amelia WordPress plugin before 1.0.47 does not have CSRF check in place when deleting customers, which could allow a

CVE-2026-39487 HIGH
7.6 Apr 08

Blind SQL injection in Amelia WordPress plugin (ameliabooking) version 2.1.1 and earlier allows authenticated privileged

CVE-2026-40789 HIGH
7.5 Jun 15

Unauthenticated sensitive data exposure in the Amelia (Amelia Booking) WordPress plugin versions 2.2 and earlier allows

CVE-2022-0834 HIGH
7.2 Mar 23

The Amelia WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the l

CVE-2024-6332 MEDIUM
6.5 Sep 05

The Booking for Appointments and Events Calendar - Amelia Premium and Lite plugins for WordPress are vulnerable to unaut

Share

EUVD-2026-43359 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy