CVE-2024-55980

CRITICAL

Webriderz Wr Age Verification <2.0.0 - SQL Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-55980. PoCs published by RandomRobbieBF.

AI-analyzed exploit summary This repository contains a proof-of-concept for an unauthenticated SQL injection vulnerability in the Wr Age Verification WordPress plugin (versions up to and including 2.0.0). The PoC uses sqlmap to demonstrate exploitation via the 'id' parameter in an AJAX endpoint.

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in robindkumar Wr Age Verification wr-age-verification allows SQL Injection.This issue affects Wr Age Verification: from n/a through <= 2.0.0.

Exploits (1)

nomisec WORKING POC
by RandomRobbieBF · poc
https://github.com/RandomRobbieBF/CVE-2024-55980

This repository contains a proof-of-concept for an unauthenticated SQL injection vulnerability in the Wr Age Verification WordPress plugin (versions up to and including 2.0.0). The PoC uses sqlmap to demonstrate exploitation via the 'id' parameter in an AJAX endpoint.

Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Wr Age Verification WordPress plugin <= 2.0.0
No auth needed
Prerequisites: Access to the target WordPress site · sqlmap installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 9.3
EPSS 0.0070
EPSS Percentile 48.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-89
Status published
Products (2)
robindkumar/Wr Age Verification < 2.0.0
Webriderz/Wr Age Verification < 2.0.0
Published Dec 16, 2024
Tracked Since Feb 18, 2026