Wp Cta Call Now Button Sticky Button Call To Action Builder
Monthly
Unauthenticated SQL injection in the WP CTA (Sticky CTA Builder / Call Now Button) WordPress plugin through version 2.2.2 lets remote attackers extract database contents - including administrator password hashes - via the 'fildname' parameter of the ajaxCheck() AJAX endpoint. Because the handler is registered through wp_ajax_nopriv_ and performs no capability or nonce checks, exploitation requires no login. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the flaw is trivially reachable and reported by Wordfence.
Unauthenticated SQL injection in the WP CTA (Sticky CTA Builder / Call Now Button) WordPress plugin through version 2.2.2 lets remote attackers extract database contents - including administrator password hashes - via the 'fildname' parameter of the ajaxCheck() AJAX endpoint. Because the handler is registered through wp_ajax_nopriv_ and performs no capability or nonce checks, exploitation requires no login. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the flaw is trivially reachable and reported by Wordfence.