CVE-2014-3961

WordPress Participants Database <1.5.4.9 - SQL Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-3961. PoCs published by Yarubo Research Team.

AI-analyzed exploit summary This exploit demonstrates an unauthenticated SQL injection vulnerability in Participants Database for WordPress <= 1.5.4.8. The 'export CSV' action allows arbitrary SQL execution via the 'query' parameter, enabling an attacker to create an admin user or perform other malicious database operations.

Description

SQL injection vulnerability in the Export CSV page in the Participants Database plugin before 1.5.4.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the query parameter in an "output CSV" action to pdb-signup/.

Exploits (1)

exploitdb WORKING POC
by Yarubo Research Team · textwebappsphp
https://www.exploit-db.com/exploits/33613

This exploit demonstrates an unauthenticated SQL injection vulnerability in Participants Database for WordPress <= 1.5.4.8. The 'export CSV' action allows arbitrary SQL execution via the 'query' parameter, enabling an attacker to create an admin user or perform other malicious database operations.

Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Participants Database for WordPress <= 1.5.4.8
No auth needed
Prerequisites: Participants Database plugin installed and active · Shortcode (e.g., signup page) accessible to unauthenticated users
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Exploit, URL Repurposed x_refsource_misc
https://www.yarubo.com/advisories/1
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/33613
Exploit mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Jun/0
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/show/osvdb/107626
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/67769

Scores

EPSS 0.0564
EPSS Percentile 92.0%

Details

CWE
CWE-89
Status published
Products (9)
xnau/participants_database 1.5.4
xnau/participants_database 1.5.4.1
xnau/participants_database 1.5.4.2
xnau/participants_database 1.5.4.3
xnau/participants_database 1.5.4.4
xnau/participants_database 1.5.4.5
xnau/participants_database 1.5.4.6
xnau/participants_database 1.5.4.7
xnau/participants_database < 1.5.4.8
Published Jun 04, 2014
Tracked Since Feb 18, 2026