{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/joomsport--for-sports-team--league-football-hockey--more-plugin--5.7.7/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.5,"id":"CVE-2026-6929"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["JoomSport – for Sports: Team \u0026 League, Football, Hockey \u0026 more plugin \u003c= 5.7.7"],"_cs_severities":["high"],"_cs_tags":["sqli","wordpress","cve-2026-6929","joomsport","injection"],"_cs_type":"threat","_cs_vendors":["WordPress"],"content_html":"\u003cp\u003eThe JoomSport – for Sports: Team \u0026amp; League, Football, Hockey \u0026amp; more plugin for WordPress is susceptible to a time-based blind SQL Injection vulnerability. This flaw, identified as CVE-2026-6929, affects all versions up to and including 5.7.7. The vulnerability exists due to insufficient input sanitization of the \u0026lsquo;sortf\u0026rsquo; parameter and inadequate preparation of the SQL query. This allows unauthenticated attackers to inject malicious SQL code into existing queries, potentially leading to the extraction of sensitive database information. 
Successful exploitation primarily threatens the confidentiality of the WordPress site\u0026rsquo;s data; the 7.5 CVSS score corresponds to high confidentiality impact with no direct integrity or availability impact.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn unauthenticated attacker sends a malicious HTTP request to the WordPress site.\u003c/li\u003e\n\u003cli\u003eThe request targets a JoomSport plugin endpoint that accepts the \u0026lsquo;sortf\u0026rsquo; parameter.\u003c/li\u003e\n\u003cli\u003eThe attacker sets \u0026lsquo;sortf\u0026rsquo; to a time-based blind SQL injection payload, typically a conditional delay (a SLEEP() or BENCHMARK() call on MySQL/MariaDB) that fires only when a chosen condition about the data is true.\u003c/li\u003e\n\u003cli\u003eThe JoomSport plugin processes the request without properly sanitizing the \u0026lsquo;sortf\u0026rsquo; parameter.\u003c/li\u003e\n\u003cli\u003eThe unsanitized input is incorporated into an SQL query executed against the WordPress database.\u003c/li\u003e\n\u003cli\u003eBecause the response body reveals nothing about the query result, the injected SQL encodes the answer to each question in the response time: a delayed reply means the condition held.\u003c/li\u003e\n\u003cli\u003eThe attacker compares response times against a baseline to read off each yes/no answer.\u003c/li\u003e\n\u003cli\u003eThrough repeated requests, one character or bit at a time, the attacker extracts sensitive information such as usernames, password hashes, or other confidential data stored in the database.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability allows unauthenticated attackers to extract sensitive data from the WordPress database. This could include usernames, password hashes, email addresses, and other confidential information. The impact ranges from data breaches and compromised user accounts (once extracted hashes are cracked or reused) to follow-on compromise of the site, including defacement, through the administrative access that results. 
If the database contains sensitive financial data, the consequences could be even more severe.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade the JoomSport – for Sports: Team \u0026amp; League, Football, Hockey \u0026amp; more plugin to the latest version to patch CVE-2026-6929; all versions up to and including 5.7.7 are affected.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect CVE-2026-6929 Exploitation Attempt via JoomSport SQL Injection\u0026rdquo; to your SIEM to identify potential exploitation attempts.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for requests whose \u0026lsquo;sortf\u0026rsquo; parameter is anything other than a plain field name: SQL keywords, quotes, parentheses, comment sequences, or delay functions such as SLEEP() and BENCHMARK(). Where the web server logs request duration, bursts of requests from one client with response times clustered around a fixed delay are the characteristic signature of time-based probing; block the sources identified this way.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-13T15:51:02Z","date_published":"2026-05-13T15:51:02Z","id":"https://feed.craftedsignal.io/briefs/2026-05-joomsport-sqli/","summary":"The JoomSport plugin for WordPress is vulnerable to time-based blind SQL Injection (CVE-2026-6929) via the 'sortf' parameter in versions up to 5.7.7, allowing unauthenticated attackers to extract sensitive information from the database.","title":"JoomSport WordPress Plugin Vulnerable to Time-Based Blind SQL Injection (CVE-2026-6929)","url":"https://feed.craftedsignal.io/briefs/2026-05-joomsport-sqli/"}],"language":"en","title":"CraftedSignal Threat Feed — JoomSport – For Sports: Team \u0026 League, Football, Hockey \u0026 More Plugin \u003c= 5.7.7","version":"https://jsonfeed.org/version/1.1"}
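The attack chain in the brief describes the mechanism in words. The following is an added example written for this page, not code from the JoomSport plugin or its vendor: it models the pattern generically in Python with sqlite3 so it runs offline. It assumes, from the parameter name only, that 'sortf' selects a sort column; the tables, columns and the 'secret' value are constructed, and the MySQL time delay is replaced by a CASE expression whose effect shows in the row order instead of the response time, since sqlite has no SLEEP().

```python
"""ORDER BY injection through a sort parameter: vulnerable form, blind
inference loop, and allow-list fix. Constructed example for this page, not
JoomSport code. Uses sqlite3 so it runs offline; sqlite has no SLEEP(), so
the MySQL time delay is stood in for by a CASE expression whose effect shows
in the row order rather than in the response time."""
import sqlite3


def make_db():
    # Constructed sample data: a scores table plus a table the attacker
    # wants to read out blindly.
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE players (id INTEGER, name TEXT, goals INTEGER);
        INSERT INTO players VALUES (1, 'Ana', 7), (2, 'Bo', 3), (3, 'Cy', 12);
        CREATE TABLE secrets (secret TEXT);
        INSERT INTO secrets VALUES ('admin');
    """)
    return conn


def vulnerable_sorted_players(conn, sortf):
    # Flaw modelled: the request value is pasted into the query text.
    # ORDER BY takes an identifier, which a prepared statement cannot bind,
    # so the fix has to validate the identifier, not just prepare the query.
    return [r[0] for r in conn.execute(f"SELECT name FROM players ORDER BY {sortf}")]


ALLOWED_SORT = {"id": "id", "name": "name", "goals": "goals"}


def hardened_sorted_players(conn, sortf):
    # Fix: map the untrusted string onto a fixed set of column names; anything
    # else falls back to a default and never reaches the SQL text.
    column = ALLOWED_SORT.get(sortf, "id")
    return [r[0] for r in conn.execute(f"SELECT name FROM players ORDER BY {column}")]


def blind_oracle(conn, condition):
    # One yes/no question per request. Against MySQL the payload would be a
    # conditional delay such as IF((condition), SLEEP(5), 0) and the "yes"
    # signal a slow response; here "yes" is the order flipping to the goals
    # ordering.
    payload = f"CASE WHEN ({condition}) THEN goals ELSE name END"
    return vulnerable_sorted_players(conn, payload) == vulnerable_sorted_players(conn, "goals")


def extract_secret(conn, max_len=16):
    # Repeated oracle queries recover the secret one character at a time
    # (step 8 of the attack chain in the brief).
    alphabet = "abcdefghijklmnopqrstuvwxyz0123456789"
    out = ""
    for pos in range(1, max_len + 1):
        for ch in alphabet:
            cond = f"(SELECT substr(secret, {pos}, 1) FROM secrets) = '{ch}'"
            if blind_oracle(conn, cond):
                out += ch
                break
        else:
            break  # no character matched: end of string
    return out


if __name__ == "__main__":
    db = make_db()
    print("leaked via vulnerable sort:", extract_secret(db))
    print("hardened sort with payload:",
          hardened_sorted_players(db, "CASE WHEN 1=1 THEN goals ELSE name END"))
```

The point a practitioner should take from this is that a sort column is an identifier, not a value: value-binding APIs such as WordPress's $wpdb-\>prepare() do not constrain it, so an allow-list mapping like ALLOWED_SORT is the fix, regardless of how the rest of the query is prepared.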
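The third recommendation asks for web server log monitoring of the 'sortf' parameter. The following is an added example for this page (not the CraftedSignal Sigma rule named above and not vendor code) that implements that check over access-log lines in combined log format: it treats any 'sortf' value that is not a bare field name with an optional asc/desc as suspicious and labels why. The log lines are constructed for the example; the IP addresses, paths and user agents are not from real traffic.

```python
"""Scan combined-format access logs for suspicious 'sortf' values.
Constructed example for this page; the sample log lines are made up and the
'sortf' parameter name is taken from the brief."""
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample traffic: two benign sorts, one request without sortf,
# and three probes of increasing specificity.
SAMPLE_LOG = """\
203.0.113.7 - - [13/May/2026:15:51:02 +0000] "GET /?sortf=name HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [13/May/2026:15:51:05 +0000] "GET /?sortf=name%29%20AND%20%28SELECT%20SLEEP%285%29%29--%20- HTTP/1.1" 200 5120 "-" "sqlmap/1.8"
198.51.100.4 - - [13/May/2026:15:52:10 +0000] "GET /?page_id=12&sortf=goals%20desc HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
198.51.100.4 - - [13/May/2026:15:52:30 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.9 - - [13/May/2026:15:52:58 +0000] "GET /?sortf=name%2C%28SELECT%201%29 HTTP/1.1" 200 5120 "-" "python-requests/2.31"
198.51.100.9 - - [13/May/2026:15:53:00 +0000] "GET /?sortf=IF%28SUBSTR%28user%28%29%2C1%2C1%29%3D%27r%27%2CSLEEP%283%29%2C0%29 HTTP/1.1" 200 5120 "-" "python-requests/2.31"
"""

LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# A legitimate sort field is a bare column name, optionally followed by asc/desc.
BENIGN_SORT = re.compile(r'^[A-Za-z0-9_.]+(\s+(asc|desc))?$', re.I)
# Delay primitives used for time-based blind probing across common engines.
TIME_FUNCS = re.compile(r'\b(sleep|benchmark|pg_sleep|waitfor)\b', re.I)
SQL_WORDS = re.compile(r'\b(select|union|case|when|and|or|if)\b', re.I)


def classify_sortf(value):
    """Return None for a benign sort value, otherwise a short reason string."""
    if BENIGN_SORT.match(value):
        return None
    if TIME_FUNCS.search(value):
        return "time-based SQL function"
    if SQL_WORDS.search(value):
        return "SQL keyword"
    return "non-identifier characters"


def scan_log(text):
    """Return one hit per suspicious 'sortf' value found in the log text."""
    hits = []
    for line in text.splitlines():
        m = LOG_LINE.match(line)
        if not m:
            continue
        query = urlsplit(m.group("target")).query
        # parse_qs percent-decodes, so payloads are inspected in clear form.
        for value in parse_qs(query, keep_blank_values=True).get("sortf", []):
            reason = classify_sortf(value)
            if reason:
                hits.append({"ip": m.group("ip"), "ts": m.group("ts"),
                             "value": value, "reason": reason})
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f"{hit['ts']} {hit['ip']} [{hit['reason']}] sortf={hit['value']!r}")
```

The allow-list test does the real work; the keyword and delay-function patterns only explain a hit. Combined log format carries no request duration, so the timing signature described in the recommendation needs a log format that records it (for example Apache's %D or nginx's $request_time) before response-time clustering can be added to this check.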