CVE-2020-13640

CRITICAL EXPLOITED NUCLEI

wpDiscuz < 5.3.5 - SQL Injection via wpdLoadMoreComments Order Parameter

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2020-13640 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including asterite3. A Nuclei detection template is also available.

AI-analyzed exploit summary This exploit leverages a SQL injection vulnerability in the wpDiscuz WordPress plugin (CVE-2020-13640) to extract sensitive data such as user credentials and database table names. It uses a time-based blind SQLi technique with binary search to efficiently extract data.

Description

A SQL injection issue in the gVectors wpDiscuz plugin 5.3.5 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the order parameter of a wpdLoadMoreComments request. (No 7.x versions are affected.)

Exploits (1)

nomisec WORKING POC 1 stars
by asterite3 · poc
https://github.com/asterite3/CVE-2020-13640

This exploit leverages a SQL injection vulnerability in the wpDiscuz WordPress plugin (CVE-2020-13640) to extract sensitive data such as user credentials and database table names. It uses a time-based blind SQLi technique with binary search to efficiently extract data.

Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target: wpDiscuz WordPress plugin (versions prior to fix for CVE-2020-13640)
No auth needed
Prerequisites: Target must have the vulnerable wpDiscuz plugin installed · AJAX endpoint must be accessible
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

wpDiscuz <= 5.3.5 - SQL Injection
CRITICALVERIFIEDby Sourabh-Sahu
FOFA: body="/wp-content/plugins/wpdiscuz"

References (5)

Core 5
Core References
Release Notes, Third Party Advisory x_refsource_misc
https://wordpress.org/plugins/wpdiscuz/#developers
Third Party Advisory x_refsource_misc
https://plugins.trac.wordpress.org/changeset/2323200
Exploit, Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2020/07/06/1

Scores

CVSS v3 9.8
EPSS 0.1271
EPSS Percentile 95.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2020-12-06
CWE
CWE-89
Status published
Products (1)
gvectors/wpdiscuz < 5.3.5
Published Jun 18, 2020
Tracked Since Feb 18, 2026