CVE-2018-12636

HIGH

iThemes Security <7.0.3 - SQL Injection

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2018-12636. PoCs published by Çlirim Emini, nth347.

AI-analyzed exploit summary This exploit demonstrates an authenticated SQL injection vulnerability in the iThemes Security WordPress plugin (versions <= 7.0.2). The 'orderby' parameter in the 'itsec-logs' page is vulnerable due to improper escaping, allowing arbitrary SQL command execution.

Description

The iThemes Security (better-wp-security) plugin before 7.0.3 for WordPress allows SQL Injection (by attackers with Admin privileges) via the logs page.

Exploits (2)

exploitdb WORKING POC

by Çlirim Emini · textwebappsphp

https://www.exploit-db.com/exploits/44943

View Code ZIP pw:eip

This exploit demonstrates an authenticated SQL injection vulnerability in the iThemes Security WordPress plugin (versions <= 7.0.2). The 'orderby' parameter in the 'itsec-logs' page is vulnerable due to improper escaping, allowing arbitrary SQL command execution.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: iThemes Security (better-wp-security) <= 7.0.2

Auth required

Prerequisites: Authenticated access to WordPress admin panel · iThemes Security plugin version <= 7.0.2

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WORKING POC 1 stars

by nth347 · poc

https://github.com/nth347/CVE-2018-12636_exploit

View Code ZIP pw:eip

This is a functional exploit for CVE-2018-12636, targeting an authenticated SQL injection vulnerability in the iThemes Security WordPress plugin. It uses time-based blind SQL injection to extract database information, including table and column names.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: iThemes Security (better-wp-security) <= 7.0.2

Auth required

Prerequisites: Valid WordPress admin session cookies · Access to the vulnerable plugin's admin page

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/44943/

Third Party Advisory x_refsource_confirm

https://wordpress.org/plugins/better-wp-security/#developers

Mailing List mailing-list x_refsource_mlist

https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E

Scores

CVSS v3 7.2

EPSS 0.3012

EPSS Percentile 98.0%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-89

Status published

Products (1)

ithemes/security < 7.0.3

Published Jun 22, 2018

Tracked Since Feb 18, 2026