CVE-2026-8978
SQL Injection in OptinCraft WordPress Plugin
Publication date: 2026-06-06
Last updated on: 2026-06-06
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| optincraft | drag_and_drop_optins_and_popup_builder | to 1.2.0 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability exists in the OptinCraft β Drag & Drop Optins & Popup Builder for WordPress plugin, specifically in versions up to and including 1.2.0. It is a generic SQL Injection flaw that occurs via the 'order_by' parameter. This parameter is not properly escaped or prepared in the SQL query, allowing authenticated users with administrator-level access or higher to inject additional SQL commands into existing queries.
This injection can be exploited to extract sensitive information from the database by appending malicious SQL queries.
How can this vulnerability impact me? :
An attacker with administrator-level access can exploit this vulnerability to execute unauthorized SQL queries on the database.
- Extraction of sensitive information from the database.
- Potential compromise of confidential data stored within the WordPress site.
- Although the vulnerability does not affect data integrity or availability directly, it poses a significant confidentiality risk.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows authenticated attackers with administrator-level access to perform SQL Injection attacks that can extract sensitive information from the database.
Such unauthorized access and potential data extraction could lead to violations of data protection regulations like GDPR and HIPAA, which require safeguarding sensitive personal and health information.
Therefore, this vulnerability poses a risk to compliance with these standards by potentially exposing sensitive data due to insufficient input validation and database query protection.