CVE-2020-11530

CRITICAL EXPLOITED NUCLEI

idangero chop_slider - Blind SQL Injection via id GET Parameter

Title source: llm

Exploitation Summary

CVE-2020-11530 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 2 public exploits from researchers including SunCSR, h00die, SunCSR, Callum Murphy <[email protected]>, including a Metasploit module auxiliary/scanner/http/wp_chopslider_id_sqli. A Nuclei detection template is also available.

AI-analyzed exploit summary This exploit demonstrates a blind SQL injection vulnerability in the ChopSlider3 WordPress plugin (version <= 3.4). The vulnerability arises from unsanitized user input in the 'id' parameter, allowing attackers to execute arbitrary SQL queries.

Description

A blind SQL injection vulnerability is present in Chop Slider 3, a WordPress plugin. The vulnerability is introduced in the id GET parameter supplied to get_script/index.php, and allows an attacker to execute arbitrary SQL queries in the context of the WP database user.

Exploits (2)

exploitdb WORKING POC

by SunCSR · textwebappsphp

https://www.exploit-db.com/exploits/48457

View Code ZIP pw:eip

This exploit demonstrates a blind SQL injection vulnerability in the ChopSlider3 WordPress plugin (version <= 3.4). The vulnerability arises from unsanitized user input in the 'id' parameter, allowing attackers to execute arbitrary SQL queries.

Classification

Working Poc 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: ChopSlider3 WordPress Plugin <= 3.4

No auth needed

Prerequisites: Access to the vulnerable WordPress plugin endpoint

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC

by h00die, SunCSR, Callum Murphy <[email protected]> · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/wp_chopslider_id_sqli.rb

View Code ZIP pw:eip

This Metasploit module exploits a blind SQL injection vulnerability in the WordPress ChopSlider3 plugin (version 3.4 and prior) via the 'id' parameter in the get_script/index.php page. It enumerates usernames and password hashes from the wp_users table using time-based blind SQLi techniques.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: WordPress ChopSlider3 plugin <= 3.4

No auth needed

Prerequisites: Target must be running WordPress with vulnerable ChopSlider3 plugin · Network access to the target

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

WordPress Chop Slider 3 - Blind SQL Injection

CRITICALVERIFIEDby theamanrawat

References (5)

Core 5

Core References

Product x_refsource_misc

https://idangero.us/

Third Party Advisory x_refsource_misc

https://github.com/idangerous/Plugins/tree/master/Chop%20Slider%203

Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc

http://seclists.org/fulldisclosure/2020/May/26

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/157607/WordPress-ChopSlider-3-SQL-Injection.html

Exploit, Third Party Advisory x_refsource_misc

http://packetstormsecurity.com/files/157655/WordPress-ChopSlider3-3.4-SQL-Injection.html

Scores

CVSS v3 9.8

EPSS 0.9566

EPSS Percentile 99.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2024-04-27

CWE

CWE-89

Status published

Products (1)

idangero/chop_slider 3.0

Published May 08, 2020

Tracked Since Feb 18, 2026