Exploitation Summary
EIP tracks 1 public exploit for CVE-2015-3313. PoCs published by Hannes Trunde.
AI-analyzed exploit summary The exploit details a blind SQL injection vulnerability in the WordPress Community Events Plugin version 1.3.5 and below. It demonstrates how to confirm the vulnerability and use sqlmap to extract sensitive data like user credentials from the database.
Description
SQL injection vulnerability in WordPress Community Events plugin before 1.4.
Exploits (1)
exploitdb
WRITEUP
by Hannes Trunde · textwebappsphp
https://www.exploit-db.com/exploits/36805
The exploit details a blind SQL injection vulnerability in the WordPress Community Events Plugin version 1.3.5 and below. It demonstrates how to confirm the vulnerability and use sqlmap to extract sensitive data like user credentials from the database.
Classification
Writeup 100%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:
WordPress Community Events Plugin 1.3.5 (and below)
No auth needed
Prerequisites:
At least one planned event on the calendar · Access to the plugin's full schedule page
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (6)
Core 6
Core References
Third Party Advisory x_refsource_confirm
https://wordpress.org/plugins/community-events/#developers
Third Party Advisory, VDB Entry exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/36805/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/74234
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/131530/WordPress-Community-Events-1.3.5-SQL-Injection.html
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2015/05/08/3
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2015/04/16/10
Scores
CVSS v3
9.8
EPSS
0.1846
EPSS Percentile
95.4%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-89
Status
published
Products (1)
community_events_project/community_events
< 1.3.5
Published
Sep 07, 2017
Tracked Since
Feb 18, 2026