CVE-2023-1730
published 2023-05-02

CVE-2023-1730: The SupportCandy WordPress plugin before 3.1.5 does not validate and escape user input before using it in an SQL statement, which could allow unauthenticated…

Priority: P276
Severity: critical, CVSS 3.1 base score 9.8
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Tags: EXPLOIT
EPSS: 40.59% (98.5th percentile)
The SupportCandy WordPress plugin before 3.1.5 does not validate and escape user input before using it in an SQL statement, which could allow unauthenticated attackers to perform SQL injection attacks.

Affected

1 range

Vendor: supportcandy
Product: supportcandy
Version range: < 3.1.5
Fixed in: 3.1.5

Detection & IOCs (extracted from sources)

sigma
title: SupportCandy SQLi Detection
logsource:
  category: webserver
detection:
  # the two conditions must both hold, so each gets its own selection
  # (a single list of bare strings in Sigma is OR-ed keyword matching)
  status_ok:
    - 'status_code == 200'
  plugin_marker:
    - 'contains(body, "supportcandy")'
  condition: status_ok and plugin_marker

  • Unauthenticated SQL injection attempts targeting the SupportCandy WordPress plugin (before 3.1.5) can be detected by monitoring HTTP responses with status code 200 containing 'supportcandy' in the body, particularly where request parameters carry anomalous SQL metacharacters (e.g., quotes, UNION, SELECT).
  • The nuclei-style fingerprint checks for HTTP 200 responses with 'supportcandy' in the body as a presence indicator for the vulnerable plugin.
  • The vulnerable version range is SupportCandy WordPress plugin before 3.1.5; ensure version-based detection or patching targets this boundary.
  • The SQL injection is exploitable by unauthenticated attackers, meaning no authentication bypass is required; WAF/IDS rules should not restrict detection to authenticated sessions.
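The detection notes above, turned into a runnable check as an added example (not code from the record or from the SupportCandy project): it compares an installed plugin version against the 3.1.5 fix boundary and scans combined-format access log lines for HTTP 200 requests that touch the plugin path and carry SQL metacharacters in query parameters. The log lines, the plugin file name and the `ticket` parameter are constructed placeholders, not endpoints from the advisory, and matching on the request path stands in for the response-body fingerprint, which access logs do not record.

```python
import re
from urllib.parse import urlsplit, parse_qsl

FIXED_VERSION = (3, 1, 5)          # first patched release per the advisory
PLUGIN_MARKER = "supportcandy"     # presence indicator used by the fingerprint
# SQL metacharacters and keywords named in the detection notes
SQLI_PATTERN = re.compile(r"""['"]|--|/\*|\bunion\b|\bselect\b""", re.IGNORECASE)
# Combined log format request line (assumed format of the sample lines below)
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<url>\S+) [^"]*" (?P<status>\d{3}) '
)

def parse_version(text):
    """'3.1.4' -> (3, 1, 4), so tuples compare numerically component by component."""
    return tuple(int(p) for p in text.split("."))

def is_vulnerable_version(text):
    """True when the installed plugin version is below the fixed release."""
    return parse_version(text) < FIXED_VERSION

def suspicious_params(url):
    """Query parameters whose decoded value carries SQL metacharacters."""
    params = parse_qsl(urlsplit(url).query, keep_blank_values=True)
    return [(k, v) for k, v in params if SQLI_PATTERN.search(v)]

def scan_access_log(lines):
    """Flag HTTP 200 requests that touch the plugin and carry SQLi-looking params."""
    alerts = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m or m.group("status") != "200":
            continue
        url = m.group("url")
        if PLUGIN_MARKER not in url.lower():
            continue
        hits = suspicious_params(url)
        if hits:
            alerts.append({"ip": m.group("ip"), "url": url, "params": hits})
    return alerts

# Constructed sample lines; paths and parameter names are placeholders.
SAMPLE_LOG = [
    '203.0.113.5 - - [02/May/2023:10:00:00 +0000] "GET /wp-content/plugins/supportcandy/x.php?ticket=42 HTTP/1.1" 200 512',
    '203.0.113.9 - - [02/May/2023:10:00:03 +0000] "GET /wp-content/plugins/supportcandy/x.php?ticket=42%27%20UNION%20SELECT%201-- HTTP/1.1" 200 2048',
    '198.51.100.7 - - [02/May/2023:10:00:05 +0000] "GET /?s=%27%20OR%201%3D1 HTTP/1.1" 200 3000',
    '203.0.113.9 - - [02/May/2023:10:00:08 +0000] "GET /wp-content/plugins/supportcandy/x.php?ticket=%27 HTTP/1.1" 404 120',
]

if __name__ == "__main__":
    for alert in scan_access_log(SAMPLE_LOG):
        print(alert)
    print("3.1.4 vulnerable:", is_vulnerable_version("3.1.4"))
```

Only the second sample line is flagged: the third hits a non-plugin path and the fourth is a 404, which the fingerprint in the notes excludes.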