CVE-2024-13496

7.5 HIGH

📋 TL;DR

CVE-2024-13496 is a time-based blind SQL injection vulnerability in the GamiPress WordPress plugin that allows unauthenticated remote attackers to extract data from the site's database. All WordPress sites running GamiPress versions up to and including 7.3.1 are affected. The root cause is insufficient validation of the 'orderby' request parameter, which reaches a SQL query without adequate escaping or allowlisting; because the injection is blind, data is recovered one condition at a time by observing response delays rather than from query output.
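To show why an 'orderby' parameter is dangerous and what the fix looks like, the following is an added example written for this page; it is not GamiPress code and does not reproduce the plugin's actual query, schema or parameter names (the table, columns and the hypothetical list functions are constructed for the demo). It uses SQLite, which has no SLEEP(), so the blind channel shown is the ordering of the result set; against MySQL the same attacker-controlled sort expression can call SLEEP() or BENCHMARK() and the observable becomes response time, which is the time-based variant this CVE describes. The key point the example makes: a column name in ORDER BY cannot be bound with a prepared-statement placeholder, so the only sound defence is mapping the request value onto an allowlist.

```python
import sqlite3

# Constructed demo schema standing in for a WordPress-style users table.
# Nothing here is GamiPress's actual code, schema or query.
def make_db():
    con = sqlite3.connect(":memory:")
    con.execute(
        "CREATE TABLE wp_users (ID INTEGER PRIMARY KEY, user_login TEXT, user_pass TEXT)"
    )
    con.executemany(
        "INSERT INTO wp_users VALUES (?, ?, ?)",
        [(1, "admin", "$P$Bsecret"), (2, "bob", "$P$Bother"), (3, "alice", "$P$Bthird")],
    )
    return con


def list_users_unsafe(con, orderby):
    # VULNERABLE PATTERN (hypothetical): the request value is concatenated into
    # ORDER BY. Placeholders cannot bind identifiers, so nothing stops an
    # arbitrary expression from becoming the sort key.
    sql = "SELECT ID, user_login FROM wp_users ORDER BY " + orderby
    return [row[1] for row in con.execute(sql)]


ALLOWED_ORDERBY = {"ID", "user_login"}


def list_users_safe(con, orderby):
    # HARDENED PATTERN: only values from a fixed allowlist reach the query;
    # anything else falls back to a default column.
    column = orderby if orderby in ALLOWED_ORDERBY else "ID"
    sql = f"SELECT ID, user_login FROM wp_users ORDER BY {column}"
    return [row[1] for row in con.execute(sql)]


def blind_probe(con, list_fn, position, guess):
    # One blind probe through ORDER BY: the sort key depends on a condition about
    # a secret value (here one character of a password hash), so the order of the
    # returned rows leaks one bit. With MySQL the THEN branch could instead call
    # SLEEP(5) and the bit would be read from the response delay.
    payload = (
        "(CASE WHEN (SELECT substr(user_pass,%d,1) FROM wp_users WHERE ID=1)='%s' "
        "THEN user_login ELSE ID END)" % (position, guess)
    )
    return list_fn(con, payload)


def extract_char(con, list_fn, position,
                 charset="$PB0123456789abcdefghijklmnopqrstuvwxyz"):
    # Sorting by user_login gives a predictable order that differs from sorting by
    # ID, so the attacker knows which ordering means "condition true".
    true_order = ["admin", "alice", "bob"]
    for guess in charset:
        if blind_probe(con, list_fn, position, guess) == true_order:
            return guess
    return None  # no guess changed the ordering: the sort key was not attacker-controlled


if __name__ == "__main__":
    con = make_db()
    # Against the unsafe builder the first characters of the hash are recovered;
    # against the allowlisted builder every probe sorts by ID and nothing leaks.
    leaked = "".join(extract_char(con, list_users_unsafe, i) or "?" for i in (1, 2, 3, 4))
    print("unsafe builder leaked:", leaked)
    print("safe builder leaked:", extract_char(con, list_users_safe, 1))
```

Note that escaping the value (the usual fix for string literals) would not help here either: the payload contains no quotes it needs to break out of, because it is already in expression position. Allowlisting, not sanitising, is the correct fix for identifiers and sort directions.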

💻 Affected Systems

Products:
  • GamiPress - Gamification plugin for WordPress
Versions: All versions up to and including 7.3.1
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: All WordPress installations with GamiPress plugin enabled are vulnerable regardless of configuration.

📦 What is this software?

GamiPress is a gamification plugin for WordPress that awards points, achievements and ranks to site users based on their activity. It exposes AJAX endpoints that accept listing and sorting parameters, which is where the vulnerable 'orderby' handling lives.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including user credentials (password hashes), personal data, and WordPress configuration secrets stored in the database, leading to site takeover.

🟠 Likely Case

Extraction of sensitive user data, plugin configuration, and WordPress password hashes for offline cracking.

🟢 If Mitigated

No exploitation once the plugin is updated to 7.3.2 or deactivated. If only compensating controls are in place (WAF rules, restricted database grants), expect limited information disclosure: the WordPress database user must still be able to read its own tables, so such controls mainly prevent the injection from reaching other databases or the filesystem.

🌐 Internet-Facing: HIGH - Unauthenticated exploitation allows remote attackers to target any exposed WordPress site with the vulnerable plugin.
🏢 Internal Only: MEDIUM - Internal attackers could exploit this as well, but the external threat is more significant because no authentication is required.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Time-based blind SQL injection is slower than error- or union-based extraction (each request yields roughly one bit or one character, gated on a deliberate delay), but it is fully automated by standard tools, requires no credentials, and the technique is well documented in security research.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 7.3.2

Vendor Advisory: https://wordpress.org/plugins/gamipress/#developers

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find GamiPress and click 'Update Now'.
4. Verify the version shows 7.3.2 or higher.

🔧 Temporary Workarounds

Temporary Plugin Deactivation

Applies to: all affected versions

Disable the GamiPress plugin until it is patched to remove the vulnerable endpoint entirely. Points, achievements and ranks stop being awarded while the plugin is inactive.

wp plugin deactivate gamipress

🧯 If You Can't Patch

  • Implement WAF rules for the 'orderby' parameter on GamiPress requests. Prefer an allowlist (reject any value that is not a plain column name, e.g. anything matching `[^A-Za-z0-9_.]`) over keyword signatures; if you must use signatures, cover SLEEP, BENCHMARK, CASE/WHEN and parentheses, and apply them after URL decoding.
  • Limit the blast radius at the database: give the WordPress database user privileges only on its own database, with no FILE privilege and no access to other schemas. This does not stop disclosure of WordPress's own data (the injection issues SELECTs the application is already allowed to run), but it prevents the injection from reaching other databases or the filesystem.

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel → Plugins → GamiPress version. If version is 7.3.1 or lower, you are vulnerable.

Check Version:

wp plugin get gamipress --field=version   # WP-CLI; prints the installed version

Verify Fix Applied:

After updating, confirm GamiPress version shows 7.3.2 or higher in WordPress plugins list.

📡 Detection & Monitoring

Log Indicators:

  • SLEEP() or BENCHMARK() calls appearing in the MySQL slow query log (they exceed long_query_time by design) or in general query logging if it is enabled
  • Multiple requests with an 'orderby' parameter containing SQL syntax, typically in bursts from a single source as the attacker extracts data one character at a time

Network Indicators:

  • HTTP requests with SQL keywords, parentheses or comment sequences in the 'orderby' parameter (check after URL decoding; payloads are often encoded)
  • Bursts of requests to admin-ajax.php GamiPress actions whose response times cluster around attacker-chosen delays (for example 5 or 10 seconds)

SIEM Query:

web.url:*gamipress* AND (web.param.orderby:*SELECT* OR web.param.orderby:*UNION* OR web.param.orderby:*SLEEP* OR web.param.orderby:*BENCHMARK* OR web.param.orderby:*CASE*)

The field names above assume a web log source that has already parsed and URL-decoded query parameters; adjust them to your schema, and make the match case-insensitive, since sqlmap-style payloads vary keyword case.
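The log indicators, the WAF allowlist suggestion and the SIEM query above can be checked offline. The following is an added example written for this page, not a GamiPress or vendor tool: it parses combined-format access log lines, scopes to URLs containing "gamipress" as the SIEM query does, URL-decodes the 'orderby' value (including double-encoded payloads), and flags anything that is not a bare column name. The log lines are constructed for the demo, and the action name `gamipress_demo` is a placeholder, not a real plugin action.

```python
import re
from collections import Counter
from urllib.parse import parse_qs, unquote_plus, urlparse

# Apache/nginx combined log format: client IP, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<url>\S+) [^"]*" (?P<status>\d{3})'
)

# What a legitimate orderby should look like: a bare, optionally qualified column
# name. Assumption for the demo; tighten it to the parameter's real grammar.
ALLOWED_ORDERBY = re.compile(r"[A-Za-z_][A-Za-z0-9_.]*")

# Primitives used by time-based and boolean-based ORDER BY payloads.
SQL_KEYWORDS = re.compile(
    r"\b(sleep|benchmark|select|union|case|when|if|and|or)\b", re.IGNORECASE
)

# Constructed sample traffic, not real logs. Lines 2, 3 and 5 carry payloads;
# line 4 targets a different plugin and is out of scope for this CVE.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Feb/2025:10:01:02 +0000] "GET /wp-admin/admin-ajax.php?action=gamipress_demo&orderby=date HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Feb/2025:10:01:05 +0000] "GET /wp-admin/admin-ajax.php?action=gamipress_demo&orderby=date%2C(SELECT(SLEEP(5))) HTTP/1.1" 200 512 "-" "sqlmap/1.8"
203.0.113.7 - - [10/Feb/2025:10:01:11 +0000] "GET /wp-admin/admin-ajax.php?action=gamipress_demo&orderby=%28CASE+WHEN+1%3D1+THEN+date+ELSE+user_id+END%29 HTTP/1.1" 200 512 "-" "sqlmap/1.8"
198.51.100.9 - - [10/Feb/2025:10:02:00 +0000] "GET /wp-admin/admin-ajax.php?action=other_plugin&orderby=SLEEP(5) HTTP/1.1" 200 99 "-" "curl/8.0"
198.51.100.9 - - [10/Feb/2025:10:02:30 +0000] "GET /wp-admin/admin-ajax.php?action=gamipress_demo&orderby=id%252Cbenchmark%25285000000%252Cmd5%25281%2529%2529 HTTP/1.1" 200 512 "-" "curl/8.0"
198.51.100.9 - - [10/Feb/2025:10:03:00 +0000] "GET /wp-admin/admin-ajax.php?action=gamipress_demo&orderby=user.points HTTP/1.1" 200 512 "-" "Mozilla/5.0"
"""


def fully_decode(value, max_rounds=3):
    # parse_qs decodes once; attackers double-encode to slip past naive
    # signature rules, so keep decoding until the value stops changing.
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def classify(value):
    # Allowlist first: a plain column name is never reported. Otherwise name the
    # first SQL keyword found, or report the value as simply not allowlisted.
    if ALLOWED_ORDERBY.fullmatch(value):
        return None
    kw = SQL_KEYWORDS.search(value)
    if kw:
        return "sql-keyword:" + kw.group(1).lower()
    return "not-allowlisted"


def scan_log(text):
    # Returns one finding per suspicious orderby value on a GamiPress URL.
    # Caveat: access logs only show query strings; POST bodies need WAF or
    # application-level logging to be inspected the same way.
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        url = m.group("url")
        if "gamipress" not in url.lower():
            continue  # same scoping as the SIEM query: web.url:*gamipress*
        params = parse_qs(urlparse(url).query, keep_blank_values=True)
        for raw in params.get("orderby", []):
            value = fully_decode(raw)
            reason = classify(value)
            if reason:
                findings.append(
                    {"ip": m.group("ip"), "ts": m.group("ts"),
                     "url": url, "value": value, "reason": reason}
                )
    return findings


def suspicious_ips(findings):
    # Bursts from one source are the "multiple requests" indicator above.
    return Counter(f["ip"] for f in findings)


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['ts']} {f['ip']} {f['reason']} orderby={f['value']!r}")
    print(suspicious_ips(scan_log(SAMPLE_LOG)))
```

The allowlist check is the part worth carrying into a WAF rule: the keyword list exists only to label findings, and will miss payloads built from operators alone, whereas "anything that is not a column name" catches them regardless of encoding or case.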
