{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/vendors/supsystic/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.5,"id":"CVE-2020-37245"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Digital Publications by Supsystic 1.6.9"],"_cs_severities":["high"],"_cs_tags":["path-traversal","xss","wordpress","plugin"],"_cs_type":"advisory","_cs_vendors":["Supsystic"],"content_html":"\u003cp\u003eSupsystic Digital Publications version 1.6.9 is a WordPress plugin that suffers from both a path traversal and a stored cross-site scripting (XSS) vulnerability. The path traversal, identified as CVE-2020-37245, is located in the \u0026lsquo;Folder\u0026rsquo; input field and allows unauthenticated attackers to access arbitrary files outside of the web root by injecting directory traversal sequences (e.g., ../). The plugin also fails to properly sanitize input fields within publication settings, specifically \u0026lsquo;Area Width\u0026rsquo; and \u0026lsquo;Publication Width\u0026rsquo;, leading to stored XSS. 
Successful exploitation allows an attacker to execute arbitrary JavaScript code in the context of other users who view or edit the publications, potentially leading to session hijacking, defacement, or further malicious actions.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker identifies a vulnerable Supsystic Digital Publications 1.6.9 installation.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP request to exploit the path traversal vulnerability by injecting directory traversal sequences in the \u003ccode\u003eFolder\u003c/code\u003e input field.\u003c/li\u003e\n\u003cli\u003eThe server processes the request without proper validation, allowing the attacker to read arbitrary files outside the web root.\u003c/li\u003e\n\u003cli\u003eAlternatively, the attacker injects malicious JavaScript code into the \u0026lsquo;Area Width\u0026rsquo; or \u0026lsquo;Publication Width\u0026rsquo; parameters within the publication settings.\u003c/li\u003e\n\u003cli\u003eThe server stores the unsanitized JavaScript code in the WordPress database.\u003c/li\u003e\n\u003cli\u003eA legitimate user views or edits the publication containing the injected XSS payload.\u003c/li\u003e\n\u003cli\u003eThe user\u0026rsquo;s browser executes the malicious JavaScript code, potentially stealing cookies or redirecting to a malicious site.\u003c/li\u003e\n\u003cli\u003eThe attacker leverages the stolen session cookie or the ability to inject content to further compromise the WordPress site.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of the path traversal vulnerability (CVE-2020-37245) allows an attacker to read sensitive files on the server, potentially exposing credentials, configuration files, or other confidential information. 
The stored XSS vulnerability allows attackers to inject malicious scripts that execute in the context of other users, potentially leading to account takeover, data theft, or defacement of the website. This can impact any WordPress website running the vulnerable version of the plugin until it\u0026rsquo;s patched or removed. The CVSS v3.1 base score for CVE-2020-37245 is 7.5, indicating a high-severity vulnerability.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to a patched version of Supsystic Digital Publications that addresses the path traversal and XSS vulnerabilities.\u003c/li\u003e\n\u003cli\u003eApply input validation and output encoding to all user-supplied input, especially the publication settings fields; numeric settings such as \u0026lsquo;Area Width\u0026rsquo; and \u0026lsquo;Publication Width\u0026rsquo; should be cast to integers rather than stored and rendered as free text.\u003c/li\u003e\n\u003cli\u003eImplement proper access controls and file permission restrictions to limit the impact of path traversal; resolve the requested \u003ccode\u003eFolder\u003c/code\u003e value to its canonical path and reject anything that falls outside the intended base directory.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for suspicious activity, such as requests containing directory traversal sequences (including URL-encoded forms such as %2e%2e/ and %2e%2e%2f), to detect potential exploitation attempts.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect Supsystic Path Traversal\u003c/code\u003e to identify exploitation attempts in web server logs.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect Supsystic XSS Attempt\u003c/code\u003e to detect potential attempts to inject malicious JavaScript into publication parameters.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-16T16:19:28Z","date_published":"2026-05-16T16:19:28Z","id":"https://feed.craftedsignal.io/briefs/2026-05-supsystic-path-traversal-xss/","summary":"Supsystic Digital Publications 1.6.9 contains a path traversal vulnerability in the Folder input field, allowing attackers to access sensitive files, and a stored XSS vulnerability due to improper input sanitization, leading to arbitrary script execution in the context of 
affected users (CVE-2020-37245).","title":"Supsystic Digital Publications Path Traversal and Stored XSS Vulnerability (CVE-2020-37245)","url":"https://feed.craftedsignal.io/briefs/2026-05-supsystic-path-traversal-xss/"},{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":8.2,"id":"CVE-2020-37244"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Membership 1.4.7"],"_cs_severities":["high"],"_cs_tags":["sqli","cve-2020-37244","wordpress","unauthenticated"],"_cs_type":"advisory","_cs_vendors":["Supsystic"],"content_html":"\u003cp\u003eSupsystic Membership is a WordPress plugin; version 1.4.7 is susceptible to SQL injection attacks due to insufficient input validation on the \u0026lsquo;search\u0026rsquo; and \u0026lsquo;sidx\u0026rsquo; parameters within the badges module. This vulnerability, identified as CVE-2020-37244, enables unauthenticated remote attackers to inject arbitrary SQL queries via crafted GET requests. Successful exploitation allows the attacker to read, modify, or delete sensitive data stored in the application\u0026rsquo;s database. 
Attackers leverage this flaw to compromise the integrity of the WordPress site and gain unauthorized access to sensitive information.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn unauthenticated attacker identifies a WordPress site running the vulnerable Supsystic Membership plugin version 1.4.7.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious GET request targeting the badges module.\u003c/li\u003e\n\u003cli\u003eThe attacker injects SQL code into the \u0026lsquo;search\u0026rsquo; or \u0026lsquo;sidx\u0026rsquo; parameter of the GET request.\u003c/li\u003e\n\u003cli\u003eThe web server processes the request and executes the injected SQL query against the database.\u003c/li\u003e\n\u003cli\u003eThe attacker uses time-based blind or UNION-based SQL injection techniques to extract sensitive data, bypassing normal authentication mechanisms.\u003c/li\u003e\n\u003cli\u003eThe extracted data may include user credentials, personal information, or other sensitive business data stored in the database.\u003c/li\u003e\n\u003cli\u003eThe attacker analyzes the extracted data to identify further attack vectors or valuable information.\u003c/li\u003e\n\u003cli\u003eThe attacker may use the compromised database to gain administrative access to the WordPress site, or to exfiltrate data for malicious purposes.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of the SQL injection vulnerability can lead to unauthorized access to sensitive information stored in the WordPress site\u0026rsquo;s database. This includes user credentials, personal information, and other confidential data. A successful attack could result in data breaches, identity theft, financial losses, and reputational damage to the affected organization. 
Given the unauthenticated nature of the vulnerability, any website running the vulnerable plugin is susceptible to attack.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade the Supsystic Membership plugin to a version beyond 1.4.7 to remediate CVE-2020-37244.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect CVE-2020-37244 Supsystic Membership SQL Injection Attempt\u003c/code\u003e to monitor for exploitation attempts.\u003c/li\u003e\n\u003cli\u003eImplement input validation and sanitization measures to prevent SQL injection vulnerabilities in web applications.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for suspicious GET requests containing SQL injection payloads, focusing on the \u0026lsquo;search\u0026rsquo; and \u0026lsquo;sidx\u0026rsquo; parameters in requests to the badges module, as covered by the Sigma rule.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-16T16:19:14Z","date_published":"2026-05-16T16:19:14Z","id":"https://feed.craftedsignal.io/briefs/2026-05-cve-2020-37244-supsystic-sqli/","summary":"Supsystic Membership version 1.4.7 is vulnerable to SQL injection (CVE-2020-37244), allowing unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'search' and 'sidx' parameters, potentially extracting sensitive database information.","title":"CVE-2020-37244: Supsystic Membership 1.4.7 Unauthenticated SQL Injection Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-05-cve-2020-37244-supsystic-sqli/"},{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":8.2,"id":"CVE-2020-37243"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Pricing Table"],"_cs_severities":["critical"],"_cs_tags":["sql-injection","xss","wordpress","plugin"],"_cs_type":"threat","_cs_vendors":["Supsystic"],"content_html":"\u003cp\u003eSupsystic Pricing Table plugin version 1.8.7 is 
vulnerable to SQL injection via the \u0026lsquo;sidx\u0026rsquo; GET parameter. This vulnerability allows unauthenticated attackers to execute arbitrary SQL queries by manipulating the getListForTbl action. Additionally, the plugin contains stored cross-site scripting (XSS) vulnerabilities in the \u0026lsquo;Edit name\u0026rsquo; and \u0026lsquo;Edit HTML\u0026rsquo; fields. These XSS vulnerabilities allow attackers to inject malicious scripts that are executed when users view the affected pricing tables. Successful exploitation of the SQL injection vulnerability could allow an attacker to read, modify, or delete sensitive data from the WordPress database. The XSS vulnerability can lead to session hijacking or arbitrary script execution in the context of the user\u0026rsquo;s browser.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn unauthenticated attacker identifies a WordPress site using the vulnerable Supsystic Pricing Table plugin version 1.8.7.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP GET request targeting the getListForTbl action, injecting SQL code into the \u0026lsquo;sidx\u0026rsquo; parameter.\u003c/li\u003e\n\u003cli\u003eThe WordPress server processes the request, and the injected SQL code is executed against the database.\u003c/li\u003e\n\u003cli\u003eThe attacker uses the SQL injection vulnerability to extract sensitive data such as user credentials, API keys, or other confidential information.\u003c/li\u003e\n\u003cli\u003eThe attacker leverages stored XSS vulnerabilities by injecting malicious scripts into the \u0026lsquo;Edit name\u0026rsquo; or \u0026lsquo;Edit HTML\u0026rsquo; fields of a pricing table.\u003c/li\u003e\n\u003cli\u003eA legitimate user views the pricing table containing the injected XSS payload.\u003c/li\u003e\n\u003cli\u003eThe malicious script executes within the user\u0026rsquo;s browser, potentially stealing session cookies or redirecting 
the user to a phishing site.\u003c/li\u003e\n\u003cli\u003eThe attacker uses the stolen session cookies to impersonate the user, gaining unauthorized access to the WordPress site.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of the SQL injection vulnerability (CVE-2020-37243) can lead to complete database compromise, including unauthorized access to sensitive data, modification of website content, and potential privilege escalation. The stored XSS vulnerabilities allow attackers to inject malicious scripts that can hijack user sessions, deface websites, or redirect users to phishing sites. Given the widespread use of WordPress and its plugins, this vulnerability poses a significant risk to numerous websites and their users.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade the Supsystic Pricing Table plugin to a version greater than 1.8.7 to patch the SQL injection vulnerability (CVE-2020-37243).\u003c/li\u003e\n\u003cli\u003eValidate the \u0026lsquo;sidx\u0026rsquo; value against an allow-list of known column names before it reaches the query; a sort-index parameter never legitimately contains spaces, quotes, parentheses, or SQL keywords, so anything outside the allow-list should be replaced with a default column rather than passed through.\u003c/li\u003e\n\u003cli\u003eImplement a web application firewall (WAF) rule to detect and block SQL injection attempts targeting the \u0026lsquo;sidx\u0026rsquo; GET parameter. A sort-index value typically lands in an ORDER BY clause, where no quote character is needed, so rules keyed on quote characters alone may miss these payloads; match on the presence of anything other than a bare identifier instead.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect CVE-2020-37243 Exploitation — Supsystic Pricing Table SQL Injection\u003c/code\u003e to identify malicious HTTP requests exploiting this vulnerability.\u003c/li\u003e\n\u003cli\u003eReview pricing tables and sanitize suspicious content from \u0026lsquo;Edit name\u0026rsquo; and \u0026lsquo;Edit HTML\u0026rsquo; fields to mitigate stored XSS 
risks.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-16T16:18:59Z","date_published":"2026-05-16T16:18:59Z","id":"https://feed.craftedsignal.io/briefs/2026-05-cve-2020-37243-supsystic-sql-injection/","summary":"Supsystic Pricing Table plugin version 1.8.7 contains an SQL injection vulnerability via the 'sidx' GET parameter, enabling unauthenticated attackers to execute arbitrary SQL queries through the getListForTbl action, as well as stored XSS vulnerabilities.","title":"Supsystic Pricing Table Plugin \u003c= 1.8.7 SQL Injection Vulnerability (CVE-2020-37243)","url":"https://feed.craftedsignal.io/briefs/2026-05-cve-2020-37243-supsystic-sql-injection/"},{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":8.2,"id":"CVE-2020-37242"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Ultimate Maps (1.1.12)"],"_cs_severities":["high"],"_cs_tags":["cve-2020-37242","sql-injection","wordpress"],"_cs_type":"advisory","_cs_vendors":["Supsystic"],"content_html":"\u003cp\u003eSupsystic Ultimate Maps is a WordPress plugin that allows users to create custom maps. Version 1.1.12 of this plugin contains a high-severity SQL injection vulnerability (CVE-2020-37242, CVSS 8.2). Unauthenticated attackers can exploit this vulnerability by injecting malicious SQL code into the \u0026lsquo;sidx\u0026rsquo; GET parameter when calling the \u0026lsquo;getListForTbl\u0026rsquo; action. Successful exploitation allows attackers to execute arbitrary SQL queries, potentially leading to the extraction of sensitive database information. 
This vulnerability poses a significant risk to websites using the affected plugin, as it could result in data breaches and compromise of user information.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn unauthenticated attacker identifies a WordPress website running Supsystic Ultimate Maps version 1.1.12.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP GET request targeting the \u003ccode\u003egetListForTbl\u003c/code\u003e action with a SQL injection payload in the \u003ccode\u003esidx\u003c/code\u003e parameter.\u003c/li\u003e\n\u003cli\u003eThe malicious GET request is sent to the WordPress website.\u003c/li\u003e\n\u003cli\u003eThe WordPress plugin processes the request without proper sanitization of the \u003ccode\u003esidx\u003c/code\u003e parameter.\u003c/li\u003e\n\u003cli\u003eThe injected SQL code is executed against the website\u0026rsquo;s database.\u003c/li\u003e\n\u003cli\u003eThe attacker uses boolean-based or time-based blind SQL injection techniques to extract data.\u003c/li\u003e\n\u003cli\u003eSensitive information, such as usernames, passwords, or other database records, is retrieved.\u003c/li\u003e\n\u003cli\u003eThe attacker exfiltrates the stolen data for malicious purposes.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2020-37242 can lead to the complete compromise of the vulnerable website\u0026rsquo;s database. Attackers can gain access to sensitive information, including user credentials, personal data, and other confidential data stored in the database. This can result in data breaches, identity theft, financial loss, and reputational damage for the website owner and its users. 
The CVSS v3.1 base score for this vulnerability is 8.2, indicating a high level of severity.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade Supsystic Ultimate Maps to a patched version that addresses CVE-2020-37242 to remediate the SQL injection vulnerability.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect CVE-2020-37242 Exploitation — SQL Injection in Supsystic Ultimate Maps\u003c/code\u003e to your SIEM to detect exploitation attempts.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for suspicious GET requests to the \u003ccode\u003egetListForTbl\u003c/code\u003e action containing SQL injection payloads in the \u003ccode\u003esidx\u003c/code\u003e parameter as covered by the detection rule.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-16T16:18:44Z","date_published":"2026-05-16T16:18:44Z","id":"https://feed.craftedsignal.io/briefs/2026-05-cve-2020-37242-sqli/","summary":"Supsystic Ultimate Maps 1.1.12 is vulnerable to SQL injection via the 'sidx' GET parameter, allowing unauthenticated attackers to execute arbitrary SQL queries and extract sensitive database information.","title":"Supsystic Ultimate Maps SQL Injection Vulnerability (CVE-2020-37242)","url":"https://feed.craftedsignal.io/briefs/2026-05-cve-2020-37242-sqli/"}],"language":"en","title":"CraftedSignal Threat Feed — Supsystic","version":"https://jsonfeed.org/version/1.1"}
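Added worked example (not part of the CraftedSignal feed, its Sigma rules, or any Supsystic code): the four briefs above recommend watching web server logs for getListForTbl requests whose sidx parameter carries SQL syntax (CVE-2020-37242, CVE-2020-37243, CVE-2020-37244) and for requests whose Folder parameter carries directory traversal sequences (the Digital Publications brief). The Python below runs exactly those checks over a few constructed combined-format access-log lines and, for the sidx vector, shows the allow-list fix that the recommendation bullets describe. It assumes, since none of this is stated in the briefs, that the action name appears somewhere in the request target, that the parameter names are literally sidx and Folder, and that a sort index is only ever a bare column name; the endpoint paths, column names and IP addresses in the sample are hypothetical.

```python
"""Added example: detection logic for the request patterns described in the
CraftedSignal briefs above. Illustrative code, not CraftedSignal's Sigma rules
and not Supsystic plugin code. Assumptions (not in the briefs): requests are in
combined access-log format, the action name appears somewhere in the request
target, and the traversal-prone parameter is literally named Folder.
"""
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Combined log format; the target is matched non-greedily so a raw space inside
# a hand-crafted query string does not break the match.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>.+?) HTTP/[\d.]+" (?P<status>\d{3})'
)

# A legitimate sort index is a bare column name, nothing more.
SAFE_SIDX_RE = re.compile(r'^[A-Za-z_][A-Za-z0-9_]*$')
# Hints that a non-conforming sidx is a real SQL probe rather than a typo.
SQL_HINT_RE = re.compile(
    r"(?i)(\bsleep\s*\(|\bbenchmark\s*\(|\bunion\b|\bselect\b|\bor\b|\band\b"
    r"|--|/\*|#|;|'|\(|\))"
)


def decode_twice(value: str) -> str:
    """Undo URL encoding twice so double-encoded payloads (%252e) are seen."""
    return unquote(unquote(value))


def has_traversal(value: str) -> bool:
    """True when the decoded value steps up a directory (../ or ..\\)."""
    v = decode_twice(value).replace('\\', '/')
    return '../' in v or v.endswith('..')


def classify(line: str) -> list:
    """Return a list of findings for one access-log line (empty if benign)."""
    m = LOG_RE.match(line)
    if not m:
        return []
    ip, target = m.group('ip'), m.group('target')
    params = parse_qs(urlsplit(target).query, keep_blank_values=True)
    findings = []

    # Rule 1: sidx on a getListForTbl request that is not a plain column name.
    if 'getlistfortbl' in decode_twice(target).lower():
        for sidx in params.get('sidx', []):
            raw = decode_twice(sidx)
            if not SAFE_SIDX_RE.match(raw):
                findings.append({'rule': 'sidx-sqli', 'ip': ip, 'value': raw,
                                 'sql_hint': bool(SQL_HINT_RE.search(raw))})

    # Rule 2: directory traversal in the Folder parameter (case-insensitive key).
    for key, values in params.items():
        if key.lower() == 'folder':
            for folder in values:
                if has_traversal(folder):
                    findings.append({'rule': 'folder-traversal', 'ip': ip,
                                     'value': decode_twice(folder)})
    return findings


def scan(lines) -> list:
    """Run classify() over an iterable of log lines and flatten the findings."""
    return [f for line in lines for f in classify(line)]


# Server-side fix for the sidx vector: map the request value onto a known column
# instead of interpolating it into ORDER BY. Column names here are hypothetical.
ALLOWED_SORT_COLUMNS = {'id', 'label', 'date_created'}


def safe_order_by(sidx: str, sord: str = 'asc') -> str:
    """Allow-list the sort column; anything unknown falls back to the default."""
    col = sidx if sidx in ALLOWED_SORT_COLUMNS else 'id'
    direction = 'DESC' if sord.lower() == 'desc' else 'ASC'
    return f'ORDER BY `{col}` {direction}'


# Constructed sample log lines (RFC 5737 test addresses; endpoints hypothetical).
SAMPLE_LOGS = [
    '198.51.100.7 - - [16/May/2026:10:00:01 +0000] "GET /wp-admin/admin-ajax.php'
    '?action=getListForTbl&sidx=id&sord=asc HTTP/1.1" 200 512',
    '203.0.113.9 - - [16/May/2026:10:00:02 +0000] "GET /wp-admin/admin-ajax.php'
    '?action=getListForTbl&sidx=id%20AND%20SLEEP(5)&sord=asc HTTP/1.1" 200 512',
    '203.0.113.9 - - [16/May/2026:10:00:03 +0000] "GET /wp-admin/admin-ajax.php'
    '?action=getPublication&Folder=%252e%252e%252f%252e%252e%252fwp-config.php'
    ' HTTP/1.1" 200 2048',
    '198.51.100.7 - - [16/May/2026:10:00:04 +0000] "GET /wp-admin/admin-ajax.php'
    '?action=getPublication&Folder=issue-12 HTTP/1.1" 200 2048',
    'not an access log line',
]

if __name__ == '__main__':
    for finding in scan(SAMPLE_LOGS):
        print(finding)
```

Run directly, it prints one sidx-sqli finding and one folder-traversal finding. Two design points carry over to a real rule: the sidx check flags any value that is not a bare identifier rather than hunting for SQL keywords, because the payload needs no quote character in an ORDER BY position and keyword lists are easy to pad around; and the traversal check decodes twice, because the sample Folder value is double-encoded and a single decode would leave %2e%2e in place, which a plain ../ substring match misses.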