PatchSiren cyber security CVE debrief
CVE-2026-13262 ahmadmj CVE debrief
The Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin for WordPress is vulnerable to generic SQL Injection via the 'val' parameter in all versions up to, and including, 1.1.9. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Exploitation requires a valid 'get-smart-reply' nonce, which any Subscriber-level user can obtain by creating a ticket via the public frontend and visiting the resulting ticket detail page.
- Vendor
- ahmadmj
- Product
- Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin
- CVSS
- MEDIUM 6.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-11
- Original CVE updated
- 2026-07-11
- Advisory published
- 2026-07-11
- Advisory updated
- 2026-07-11
Who should care
WordPress users who have installed the Majestic Support plugin, especially those with Subscriber-level users, should be aware of this vulnerability and take steps to protect their sites.
Technical summary
The vulnerability exists in the Majestic Support plugin for WordPress, specifically in versions up to and including 1.1.9. It is caused by insufficient escaping of the user-supplied 'val' parameter and a lack of preparation in the existing SQL query. This allows unauthenticated attackers to inject additional SQL queries into existing ones, potentially leading to the extraction of sensitive database information. Notably, exploitation requires a valid 'get-smart-reply' nonce, which can be easily obtained by any Subscriber-level user through creating a ticket and visiting its detail page.
Defensive priority
Medium priority due to the potential for sensitive information disclosure and the relatively low barrier to exploitation.
Recommended defensive actions
- Update the Majestic Support plugin to a version that fixes the SQL injection vulnerability, if available.
- Restrict access to the 'get-smart-reply' nonce to prevent unauthorized users from obtaining it.
- Implement additional monitoring to detect potential exploitation attempts.
- Consider using a Web Application Firewall (WAF) to help protect against SQL injection attacks.
- Review compensating controls for exposed systems while remediation is scheduled and verified.
- Track exceptions, retest remediated assets, and close the item only after evidence is documented.
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.
Evidence notes
The CVE record was published on 2026-07-11T04:17:16.793Z and has not been modified since then. The NVD entry is currently in the 'Received' status. The vulnerability was reported by [email protected].
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-11T04:17:16.793Z and has not been modified since then. The NVD entry is currently in the 'Received' status.