WPcalc <= 2.1 - Authenticated SQL Injection
Description
The WPcalc WordPress plugin through 2.1 does not sanitize user input into the 'did' parameter and uses it in a SQL statement, leading to an authenticated SQL Injection vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
- WordPress / WPcalc (through 2.1)
Patches
Vulnerability mechanics
Root cause
"Missing input sanitization on the 'did' parameter allows SQL injection."
Attack vector
An authenticated attacker supplies a malicious value in the 'did' parameter. The plugin fails to sanitize this input before using it in a SQL statement, allowing the attacker to inject arbitrary SQL commands [CWE-89] [ref_id=1]. The attacker must have a valid WordPress account to reach the vulnerable functionality.
Affected code
The advisory does not specify exact file paths or function names. The vulnerable parameter is 'did', which is passed unsanitized into a SQL statement [ref_id=1]. The plugin author closed the plugin and no fix was released [ref_id=1].
What the fix does
No patch or fix has been published. The plugin author closed the plugin, and the advisory lists "No known fix" [ref_id=1]. Users should remove the plugin entirely to eliminate the vulnerability.
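The advisory gives no file or function names, so the snippet below is an added illustration of the pattern it describes, not WPcalc's code: a handler that drops the request value of 'did' straight into a query (the CWE-89 condition), next to the hardened form a plugin author would ship. The function names, the `wpcalc_demo` table, the `admin_post_wpcalc_demo_view` hook and the nonce action are all hypothetical; `$wpdb->prepare()`, `absint()`, `current_user_can()` and `check_admin_referer()` are the standard WordPress APIs.

```php
<?php
// Added illustration, not WPcalc's code. The advisory only names the 'did'
// parameter, so the table, function and hook names here are hypothetical.

// Vulnerable pattern (hypothetical): the request value is concatenated into
// the statement, so whatever the caller puts in 'did' becomes SQL (CWE-89).
function wpcalc_demo_get_row_vulnerable( $did ) {
    global $wpdb;
    $table = $wpdb->prefix . 'wpcalc_demo'; // hypothetical table
    $sql   = "SELECT * FROM {$table} WHERE id = " . $did;
    return $wpdb->get_row( $sql );
}

// Hardened pattern: coerce the value to the type an id must have, then bind
// it through a placeholder so it can never change the statement's structure.
function wpcalc_demo_get_row_safe( $did ) {
    global $wpdb;
    $table = $wpdb->prefix . 'wpcalc_demo';
    $did   = absint( $did );        // ids are non-negative integers
    if ( 0 === $did ) {
        return null;                // reject anything that is not a valid id
    }
    $sql = $wpdb->prepare( "SELECT * FROM {$table} WHERE id = %d", $did );
    return $wpdb->get_row( $sql );
}

// Request handler (hypothetical hook): being logged in is not enough, so also
// require a capability and a nonce before the query runs.
add_action( 'admin_post_wpcalc_demo_view', function () {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Forbidden', '', array( 'response' => 403 ) );
    }
    check_admin_referer( 'wpcalc_demo_view' );
    $row = wpcalc_demo_get_row_safe( $_GET['did'] ?? '' );
    wp_send_json( $row );
} );
```

Both the type check and the placeholder matter: `absint()` turns any non-numeric value into `0`, which the handler rejects, and `%d` in `$wpdb->prepare()` guarantees the remaining value is emitted as an integer literal rather than spliced as text. Because no fixed WPcalc release exists, the practical mitigation on a site remains removing the plugin; the hardened form shows what a fix would have had to change.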
Preconditions
- auth: Attacker must have a valid WordPress user account (authenticated).
- config: The WPcalc plugin (version <= 2.1) must be installed and active.
- input: Attacker must be able to supply input to the 'did' parameter.
Generated on May 25, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
1. wpscan.com/vulnerability/200969eb-e2a4-4200-82d7-0c313de089af (MITRE, x_refsource_MISC)