cbcvebase.
CVE-2018-16159
published 2018-08-30

Priority: P183
Severity: critical, 9.8 (CVSS 3.0)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitation: exploited in the wild (VulnCheck KEV)
EPSS: 49.92% (98.8th percentile)
The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL Injection via the template_id parameter in a wp-admin/admin-ajax.php wpgv_doajax_front_template request.

Affected (1 range)

Vendor: codemenschen
Product: gift_vouchers
Version range: <= 2.0.1
Fixed in: (none listed)

Detection & IOCs (extracted from sources)

URL: wp-admin/admin-ajax.php
sigma
title: WordPress Gift Voucher CVE-2018-16159 SQLi Detection
condition: and
detection:
  - 'status_code == 200'
  - 'contains(content_type, "application/json")'
  - 'contains(body, "images") && contains(body, "title")'
  • SQL Injection is triggered via the `template_id` POST parameter in requests to `wp-admin/admin-ajax.php` with the action `wpgv_doajax_front_template`
  • Successful exploitation returns HTTP 200 with Content-Type application/json and a body containing both 'images' and 'title' fields — monitor for these response characteristics on admin-ajax.php requests involving wpgv_doajax_front_template
  • Rule digest for integrity verification of the detection signature: 4a0a004730450221009b59d3ec55632f95c7e8bc7b2675fb495fb912f04d51aba7ce21309032d980640220114c7fb0a3edde9f12efca75ba96219bb26cb4bd14f866e2e1fc16fdae651c67:922c64590222798bb761d5b6d8e72950
  • Vulnerability affects Gift Vouchers plugin versions through 2.0.1 only; patched versions are not affected

CVSS provenance

NVD, CVSS v3.0: 9.8 CRITICAL, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD, CVSS v2.0: 7.5 HIGH, AV:N/AC:L/Au:N/C:P/I:P/A:P
VulnCheck: 9.8 CRITICAL