Scan free
HIGHCVE-2026-5646CVSS 7.3

CVE-2026-5646: SQL Injection in Easy Blog Site

Platform

php

Component

easy-blog-site

Fixed in

1.0.1

AI Confidence: highNVDEPSS 0.0%Reviewed: May 2026
View on NVD
Save

CVE-2026-5646 describes a SQL Injection vulnerability discovered in Easy Blog Site, specifically within the login.php file. This flaw allows attackers to potentially compromise the database by manipulating the username and password parameters. The vulnerability affects versions 1.0.0 through 1.0, and a patch is currently pending release.

Impact and Attack Scenarios

Successful exploitation of CVE-2026-5646 could allow an attacker to bypass authentication and gain unauthorized access to the underlying database. This could lead to the exfiltration of sensitive data, including user credentials, personal information, and potentially even administrative privileges. Depending on the database structure and contents, an attacker could also modify or delete data, leading to data integrity issues and service disruption. The remote nature of the vulnerability means it can be exploited from anywhere with network access to the affected Easy Blog Site instance.

Exploitation Context

This vulnerability has been publicly disclosed, increasing the risk of exploitation. The availability of public information makes it more likely that attackers will actively target vulnerable instances of Easy Blog Site. The exploit's simplicity suggests a relatively low skill level is required to exploit it. No KEV listing or EPSS score is currently available.

Threat Intelligence

Exploit Status

Proof of ConceptUnknown
CISA KEVNO
Internet ExposureHigh
Reports1 threat report

EPSS

0.01% (2% percentile)

CISA SSVC

Exploitationpoc
Automatableyes
Technical Impactpartial

CVSS Vector

THREAT INTELLIGENCE· CVSS 3.1CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R7.3HIGHAttack VectorNetworkHow the attacker reaches the targetAttack ComplexityLowConditions required to exploitPrivileges RequiredNoneAuthentication level needed to attackUser InteractionNoneWhether a victim must take actionScopeUnchangedImpact beyond the vulnerable componentConfidentialityLowRisk of sensitive data exposureIntegrityLowRisk of unauthorized data modificationAvailabilityLowRisk of service disruptionnextguardhq.com · CVSS v3.1 Base Score
What do these metrics mean?
Attack Vector
Network — remotely exploitable over the internet. No physical or local access required. Widest attack surface.
Attack Complexity
Low — no special conditions required. Attacker can exploit reliably without depending on rare configurations or timing.
Privileges Required
None — unauthenticated. No login or credentials needed to exploit.
User Interaction
None — attack is automatic and silent. Victim does nothing: no click, no file open.
Scope
Unchanged — impact is limited to the vulnerable component itself.
Confidentiality
Low — partial or indirect data access. Attacker gains limited information.
Integrity
Low — attacker can modify some data with limited scope or impact.
Availability
Low — partial or intermittent denial of service. Attacker can degrade performance.

Affected Software

Componenteasy-blog-site
Vendorcode-projects
Affected rangeFixed in
1.0 – 1.01.0.1

Weakness Classification (CWE)

CWE-89CWE-74

Timeline

  1. Reserved
  2. Published
  3. EPSS updated
Unpatched — 48 days since disclosure

Mitigation and Workarounds

Since a patch for CVE-2026-5646 is not yet available, immediate mitigation steps are crucial. Consider implementing a Web Application Firewall (WAF) with rules to filter potentially malicious SQL injection attempts targeting the login.php endpoint. Input validation and sanitization on the username and password fields are also essential. If possible, temporarily disable or restrict access to the login functionality until a patch is released. Monitor database logs for suspicious activity and unusual queries. After a fix is released, upgrade Easy Blog Site to the patched version and confirm by testing the login functionality with various inputs, including those known to trigger SQL injection.

How to fix

Update the Easy Blog Site plugin to the latest available version, as this corrects the (SQL Injection) vulnerability in the login.php file. If an updated version is not available, consider disabling or removing the plugin until the issue is resolved.

CVE Security Newsletter

Vulnerability analysis and critical alerts directly to your inbox.

Frequently asked questions

What is CVE-2026-5646 — SQL Injection in Easy Blog Site?

CVE-2026-5646 is a SQL Injection vulnerability in Easy Blog Site versions 1.0.0–1.0, allowing attackers to manipulate database queries through the login.php file.

Am I affected by CVE-2026-5646 in Easy Blog Site?

If you are running Easy Blog Site version 1.0.0–1.0 and have not applied a patch, you are potentially vulnerable to this SQL Injection attack.

How do I fix CVE-2026-5646 in Easy Blog Site?

A patch is currently pending. Implement WAF rules, input validation, and monitor logs until a fix is released. Upgrade immediately upon patch availability.

Is CVE-2026-5646 being actively exploited?

The vulnerability has been publicly disclosed, increasing the likelihood of active exploitation. Monitor your systems for suspicious activity.

Where can I find the official Easy Blog Site advisory for CVE-2026-5646?

Refer to the official Easy Blog Site website or security mailing list for updates and advisories regarding CVE-2026-5646.

Is your project affected?

Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.

Scan freeSearch CVEs