WordPress Modal Survey plugin <= 2.0.2.0.1 - SQL Injection vulnerability
Platform: wordpress
Component: modal-survey
Fixed in: 2.0.3
CVE-2025-39471 describes a SQL Injection vulnerability discovered in the Modal Survey WordPress plugin. This flaw allows attackers to inject malicious SQL code, potentially leading to unauthorized data access and manipulation. The vulnerability impacts versions from 0.0.0 through 2.0.2.0.1, but a fix is available in version 2.0.3.
Impact and Attack Scenarios
Successful exploitation of this SQL Injection vulnerability could grant an attacker complete control over the WordPress database. They could extract sensitive user data (usernames, passwords, email addresses), modify existing data, or even delete entire tables. The impact extends beyond data theft; an attacker could potentially use the compromised database to gain a foothold on the entire WordPress server, leading to further attacks and system compromise. This vulnerability resembles other SQL Injection attacks where attackers leverage database queries to bypass security controls and access restricted information.
Exploitation Context
CVE-2025-39471 was publicly disclosed on 2025-04-18. The CVSS score of 9.3 (CRITICAL) indicates a high probability of exploitation. While no public proof-of-concept (PoC) code has been released at the time of this writing, the severity of the vulnerability and the ease of SQL Injection exploitation suggest that a PoC is likely to emerge. It is not currently listed on CISA KEV, but its criticality warrants close monitoring.
Who Is at Risk
WordPress websites utilizing the Modal Survey plugin, particularly those running older versions (0.0.0–2.0.2.0.1), are at significant risk. Shared hosting environments where multiple websites share the same database are especially vulnerable, as a compromise of one site could potentially expose data from others. Sites with weak database user permissions are also at increased risk.
Detection Steps
• wordpress / composer / npm:
grep -r "SELECT .* FROM" /var/www/html/wp-content/plugins/modal-survey/
• generic web:
curl -I 'https://your-wordpress-site.com/wp-content/plugins/modal-survey/endpoint.php?param='  # Check for SQL injection indicators in response headers
Attack Timeline
- Disclosure
Threat Intelligence
- Exploit Status: no public PoC and not listed on CISA KEV at the time of writing
- EPSS: 0.23% (46th percentile)
What do these metrics mean?
- Attack Vector: Network. Remotely exploitable over the internet; no physical or local access required.
- Attack Complexity: Low. No special conditions required; reliably exploitable.
- Privileges Required: None. No authentication is needed to exploit.
- User Interaction: None. Automatic and silent attack; the victim does nothing.
- Scope: Changed. The attack can extend beyond the vulnerable component to other systems.
- Confidentiality: High. Complete loss of confidentiality; the attacker can read all data.
- Integrity: None. No integrity impact.
- Availability: Low. Partial or intermittent denial of service.
Mitigation and Workarounds
The primary mitigation is to immediately upgrade the Modal Survey plugin to version 2.0.3 or later. If an upgrade is not feasible due to compatibility issues or downtime concerns, consider implementing a Web Application Firewall (WAF) rule to filter potentially malicious SQL queries targeting the vulnerable endpoints. Specifically, look for patterns indicative of SQL injection attempts, such as the use of single quotes, double quotes, semicolons, or SQL keywords. Treat such pattern filtering as a temporary stopgap rather than a fix: it produces false positives on legitimate input and does not remove the underlying flaw. Additionally, review and restrict database user permissions to limit the potential damage from a successful attack. After upgrading, confirm the fix by attempting a SQL injection test against the previously vulnerable endpoint on your own site and verifying that it is blocked.
How to Fix
Update the Modal Survey plugin to the latest available version to mitigate the SQL injection vulnerability. Check the plugin's official source (Codecanyon) for the most recent version and the update instructions. Make sure to take a full backup of your website before applying any update.
Frequently Asked Questions
What is CVE-2025-39471 — SQL Injection in Modal Survey WordPress Plugin?
CVE-2025-39471 is a critical SQL Injection vulnerability affecting the Modal Survey WordPress plugin, allowing attackers to inject malicious SQL code and potentially access sensitive data.
Am I affected by CVE-2025-39471 in Modal Survey WordPress Plugin?
You are affected if you are using Modal Survey plugin versions 0.0.0 through 2.0.2.0.1. Check your plugin version and upgrade immediately if vulnerable.
How do I fix CVE-2025-39471 in Modal Survey WordPress Plugin?
Upgrade the Modal Survey plugin to version 2.0.3 or later. If immediate upgrade is not possible, implement a WAF rule to filter malicious SQL queries.
Is CVE-2025-39471 being actively exploited?
While no active exploitation has been confirmed, the vulnerability's severity and ease of exploitation suggest a high likelihood of future attacks.
Where can I find the official Modal Survey advisory for CVE-2025-39471?
Refer to the Modal Survey plugin's official website or WordPress plugin repository for the latest advisory and update information.