PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-13331 trainingbusinesspros CVE debrief

The Groundhogg plugin for WordPress is vulnerable to SQL injection attacks via the 'search' parameter in versions up to and including 4.5.5. This issue arises from insufficient escaping of user-supplied parameters and inadequate preparation of existing SQL queries. Exploitation of this vulnerability allows authenticated attackers with marketer-level access or higher to append additional SQL queries to existing ones, potentially leading to sensitive information extraction from the database. The vulnerability has been assigned a CVSS score of 6.5, indicating a medium severity level. The CVE record was published on June 27, 2026, and last modified on June 29, 2026.

Vendor: trainingbusinesspros
Product: Groundhogg — CRM, Newsletters, and Marketing Automation
CVSS: MEDIUM 6.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-27
Original CVE updated: 2026-06-29
Advisory published: 2026-06-27
Advisory updated: 2026-06-29

Who should care

Owners of WordPress sites with the Groundhogg plugin installed should be aware of this vulnerability, especially where accounts with marketer-level access or higher exist, since that is the privilege level required to exploit it. Site administrators and security teams should prioritize patching or mitigating this issue to prevent potential data breaches. Given the medium severity and the potential for data extraction, proactive measures are recommended.

Technical summary

The Groundhogg plugin for WordPress, versions up to and including 4.5.5, is susceptible to SQL injection. The vulnerability is introduced by insufficient escaping of the 'search' parameter and inadequate preparation of the SQL queries it feeds. Authenticated attackers with marketer-level access or higher can exploit this issue to append additional SQL queries to existing ones, potentially leading to sensitive information disclosure. The vulnerability carries a CVSS:3.1 vector of AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N, reflecting a medium severity level with high impact on confidentiality and none on integrity or availability. The weakness is classified as CWE-89 (SQL injection).
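To make the "insufficient escaping and inadequate preparation" pattern concrete, here is an added illustration written for this debrief, not Groundhogg's own code: a hypothetical WordPress contact-search handler in its weak form beside a prepared, permission-checked form. The table name, column names and the 'view_contacts' capability are assumptions.

```php
<?php
// Added illustration for this debrief, not Groundhogg's code: a hypothetical
// WordPress contact-search handler showing the weak pattern the CVE describes
// (a 'search' parameter interpolated into SQL) beside a prepared version.
// Table/column names (hypothetical_contacts, email, first_name) are assumed.

// Weak: esc_like() only escapes the LIKE wildcards '%', '_' and '\', not
// quotes, and the value is never bound as a parameter. A quote in $search
// therefore closes the string literal and the remainder runs as SQL (CWE-89).
function hypothetical_search_contacts_weak( $search ) {
    global $wpdb;
    $like = '%' . $wpdb->esc_like( $search ) . '%';
    $sql  = "SELECT ID, email, first_name FROM {$wpdb->prefix}hypothetical_contacts"
          . " WHERE email LIKE '$like' OR first_name LIKE '$like'";
    return $wpdb->get_results( $sql );
}

// Hardened: a capability check mirrors the marketer-or-higher requirement the
// CVE records; the term is bound through $wpdb->prepare() so it can only ever
// be data, and esc_like() still stops '%' and '_' acting as wildcards.
function hypothetical_search_contacts_safe( $search ) {
    global $wpdb;
    if ( ! current_user_can( 'view_contacts' ) ) { // capability name assumed
        return new WP_Error( 'forbidden', 'Insufficient permissions' );
    }
    $search = sanitize_text_field( wp_unslash( $search ) );
    if ( strlen( $search ) > 100 ) {
        return new WP_Error( 'invalid', 'Search term too long' );
    }
    $like = '%' . $wpdb->esc_like( $search ) . '%';
    $sql  = $wpdb->prepare(
        "SELECT ID, email, first_name FROM {$wpdb->prefix}hypothetical_contacts"
        . " WHERE email LIKE %s OR first_name LIKE %s LIMIT %d",
        $like,
        $like,
        50
    );
    return $wpdb->get_results( $sql );
}
```

When reviewing a plugin for this class of bug, the pattern to look for is any `$wpdb` query built with string interpolation or concatenation of request data rather than `$wpdb->prepare()` placeholders.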

Defensive priority

Patching the Groundhogg plugin to a version later than 4.5.5 is the primary recommendation. In the interim, restricting who can reach the affected 'search' functionality (in practice, reviewing which accounts hold marketer-level access or higher) and enhancing SQL query preparation and escaping can mitigate the risk. Monitoring database queries for anomalies and deploying a web application firewall (WAF) with SQL injection rules can provide additional layers of defense.

Recommended defensive actions

  • Patch the Groundhogg plugin to the latest version available.
  • Restrict access to the affected 'search' functionality to trusted accounts, since exploitation requires marketer-level access or higher.
  • Enhance SQL query preparation and escaping mechanisms within the plugin.
  • Monitor database queries for suspicious activity indicative of SQL injection attempts.
  • Implement a web application firewall (WAF) with rules to detect and prevent SQL injection attacks.

Evidence notes

The CVE record and NVD detail provide official information on the vulnerability. Multiple source references from Wordfence and the WordPress Trac repository offer insights into the affected code and potential exploitation vectors. The CVSS score and CWE weakness provide a structured assessment of the vulnerability's severity and nature.

Official resources

This article is AI-assisted and based on the supplied source corpus.