CVE-2017-20245
Description
Wow Viral Signups 2.1 WordPress plugin has an SQL injection vulnerability in admin-ajax.php, allowing unauthenticated attackers to extract database information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Wow Viral Signups 2.1 WordPress plugin has an SQL injection vulnerability in admin-ajax.php, allowing unauthenticated attackers to extract database information.
Vulnerability
The Wow Viral Signups WordPress plugin, specifically version 2.1 and earlier, contains an SQL injection vulnerability. This flaw exists in the admin-ajax.php endpoint and is triggered by the unescaped idsignup POST parameter. The vulnerability allows for the extraction of database information.
Exploitation
An unauthenticated attacker can exploit this vulnerability by sending crafted POST requests to the admin-ajax.php endpoint. These requests must include malicious SQL payloads within the idsignup parameter. The exploit requires network accessibility to the target WordPress site and does not necessitate any user interaction or prior authentication [3], [4].
Impact
Successful exploitation allows an attacker to read arbitrary data from the database. In cases of web server misconfiguration, there is a possibility of gaining read and write access to the filesystem, although this is not guaranteed [3].
Mitigation
This vulnerability was not fixed at the time of the exploit's release on March 29, 2017 [3]. Information regarding a patched version or official workarounds is not available in the provided references. Users are advised to check for updates from the vendor or consider disabling the plugin if a patch is not available.
AI Insight generated on Jun 9, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1- Range: <=2.1
Patches
0No patches discovered yet.
Vulnerability mechanics
Root cause
"The 'idsignup' POST parameter is not properly escaped, allowing for SQL injection."
Attack vector
An unauthenticated attacker can exploit this vulnerability by sending crafted POST requests to the admin-ajax.php endpoint. The malicious payload is injected into the 'idsignup' parameter. This allows the attacker to read arbitrary data from the database [ref_id=1]. The exploit uses SQL injection techniques, such as boolean-based blind and time-based blind payloads, to extract information [ref_id=1].
Affected code
The vulnerability lies within the Wow Viral Signups WordPress plugin, specifically version 2.1. The 'idsignup' POST parameter is identified as the vulnerable input point within the admin-ajax.php file [ref_id=1].
What the fix does
The advisory does not specify a patch or fix for this vulnerability. It notes that the vulnerability was not fixed at the time of the exploit's release date [ref_id=1]. Therefore, the recommended remediation is to upgrade to a version that addresses this issue, though no such version is indicated.
Preconditions
- inputThe 'idsignup' POST parameter must be present in the request.
- authThe attacker does not require any authentication.
Reproduction
sqlmap -u "http://server/wp-admin/admin-ajax.php" --data "action=mwp_signup_send&email=GING%40MAIL.RU&hvost=%3Fpage_id%3D47&idsignup=1" --dbs --threads=10 --random-agent --dbms mysql
Parameter: idsignup (POST) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: action=mwp_signup_send&email=GING@MAIL.RU&hvost=?page_id=47&idsignup=1 AND 5272=5272
Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind (SELECT) Payload: action=mwp_signup_send&email=GING@MAIL.RU&hvost=?page_id=47&idsignup=1 AND (SELECT * FROM (SELECT(SLEEP(5)))hXXu) [ref_id=1]
Generated on Jun 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
5News mentions
0No linked articles in our index yet.