CVE-2024-13712: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in binnyva Pollin
CVE-2024-13712 is a medium-severity SQL injection vulnerability in the Pollin WordPress plugin by binnyva, affecting all versions up to and including 1.01.1. The flaw arises from insufficient escaping of the 'question' parameter and the lack of preparation of the SQL query it is placed in, so an attacker can append additional SQL to an existing query. The CVSS vector records PR:H, so exploitation requires an authenticated user with high (administrator-level) privileges; no user interaction is required. Successful exploitation can extract sensitive information from the database. No exploits are currently reported in the wild. Organizations using this plugin should update or apply mitigations to prevent data leakage. The vulnerability affects WordPress sites running the Pollin plugin anywhere, with the largest exposure in countries with high WordPress adoption. The durable fix is preparing the query with placeholders (a parameterized query); until a fixed version is installed, defenders should limit who holds high-privilege accounts, filter the parameter at the edge, and monitor database access patterns.
AI Analysis
Technical Summary
CVE-2024-13712 identifies a SQL injection vulnerability in the Pollin plugin for WordPress, developed by binnyva. The vulnerability exists in all versions up to and including 1.01.1 due to insufficient escaping of the user-supplied 'question' parameter and lack of preparation of the existing SQL query: the parameter is incorporated into the SQL statement as-is, so special characters in it (a single quote that closes the string literal, for example) change the structure of the query and let the attacker append further SQL. The flaw is categorized under CWE-89, improper neutralization of special elements used in an SQL command. An attacker holding the required privileges can use it to extract sensitive information from the underlying database, potentially exposing user data or site configuration details. The CVSS 3.1 base score is 4.9 (medium), vector AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N: network attack vector, low attack complexity, high privileges required, no user interaction, unchanged scope, high confidentiality impact, no integrity or availability impact. PR:H means exploitation needs an authenticated account with elevated rights, which limits the attack surface to compromised or malicious privileged users. A practitioner should also note that a WordPress administrator on a single-site install can usually already upload plugins and run arbitrary PHP, so the added exposure from this flaw is largest where administrator rights are deliberately constrained (for example with DISALLOW_FILE_MODS set, or on multisite where site administrators cannot install code). No public exploits have been reported. This page carries no patch link, so a fixed version may not be publicly available; confirm against the plugin's WordPress.org page and the Wordfence advisory before deciding between updating and removing the plugin.
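The query pattern described above, as an added illustration and not code from the Pollin plugin (this page does not reproduce the plugin's source): a 'question' request value concatenated into a $wpdb query, beside the hardened form that passes it through $wpdb->prepare(). The table name, column names and function names are assumptions made for the example.

```php
<?php
// Added illustration, not code from the Pollin plugin. The table
// (wp_pollin_polls), its columns and the function names are assumed
// for the example only.

// VULNERABLE PATTERN (CWE-89): the request value is escaped nowhere and is
// concatenated into the statement. A single quote inside $question closes
// the string literal and whatever follows it is parsed as SQL, so the
// attacker can append further clauses or a second query fragment.
function pollin_example_lookup_unsafe( $question ) {
    global $wpdb;
    $table = $wpdb->prefix . 'pollin_polls';
    $sql   = "SELECT id, question FROM {$table} WHERE question = '" . $question . "'";
    return $wpdb->get_results( $sql );
}

// HARDENED PATTERN: $wpdb->prepare() takes printf-style placeholders
// (%s, %d, %f) and quotes/escapes each argument, so the value can never
// change the shape of the query. The table name is built from the trusted
// $wpdb->prefix, not from user input, so it is interpolated directly.
function pollin_example_lookup_safe( $question ) {
    global $wpdb;
    $table = $wpdb->prefix . 'pollin_polls';
    $sql   = $wpdb->prepare(
        "SELECT id, question FROM {$table} WHERE question = %s",
        $question
    );
    return $wpdb->get_results( $sql );
}

// Where the value arrives in a request, unslash and sanitize it and gate the
// handler on capability and nonce checks. Those checks restrict who can call
// the handler; they do not neutralize SQL metacharacters, which is why the
// prepared query above remains the actual fix even though PR:H already
// limits the caller to privileged users.
function pollin_example_handle_request() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient privileges', '', array( 'response' => 403 ) );
    }
    check_admin_referer( 'pollin_example_lookup' );
    $question = isset( $_REQUEST['question'] )
        ? sanitize_text_field( wp_unslash( $_REQUEST['question'] ) )
        : '';
    return pollin_example_lookup_safe( $question );
}
```

The difference to review for in any plugin handling this parameter is whether the value reaches $wpdb->get_results(), $wpdb->get_var() or $wpdb->query() through a prepare() placeholder or through string concatenation; esc_sql() on the value is a weaker substitute and is easy to forget on one of several code paths.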
Potential Impact
The primary impact of this vulnerability is unauthorized disclosure of information from the WordPress site's database. An attacker exploiting this flaw can read confidential data such as password hashes from the users table, personal information, or site configuration, which can enable further compromise. The vulnerability does not directly affect data integrity or availability, but exposure of sensitive data can have serious reputational and legal consequences for organizations. Because high privileges are required, the risk is reduced by the need for an authenticated user with elevated rights; the flaw matters most when such credentials are compromised, held by an insider, or granted to users who are otherwise restricted from direct database or file access. The page gives no figure for how many sites run Pollin, but the plugin is distributed through the WordPress ecosystem, so any site with it installed, and especially one handling sensitive user data, should treat itself as exposed and act promptly.
Mitigation Recommendations
To mitigate this vulnerability, organizations should first verify whether the Pollin plugin is installed and identify the version in use (the Plugins screen in the WordPress admin, or the WP-CLI command wp plugin list). Immediate steps include deactivating or removing the plugin if it is not essential. If the plugin is required, monitor vendor communications for an official update addressing CVE-2024-13712 and apply it promptly once available; the correct code-level fix is to pass the 'question' value into the query through $wpdb->prepare() placeholders rather than concatenating it. In the interim, reduce exposure at the edge: deploy Web Application Firewall (WAF) rules that flag SQL metacharacters and keywords in the 'question' parameter, understanding that such filtering is a stopgap that can be bypassed and is no substitute for a prepared query. Restrict the database account used by WordPress to its own database only, with no grants on other schemas; WordPress needs full access to its own tables, but an injection that can reach other databases on the same server is a larger breach. Audit web server and database logs for requests carrying unusual 'question' values and for queries that are abnormally long or reference tables the plugin has no reason to touch. Limit the number of accounts with high privileges, enforce strong authentication (including multi-factor authentication) on them, and review them regularly, since PR:H means the attacker must first obtain such an account. Runtime protection plugins can add a further layer, and administrators should know how to recognize and report suspicious activity.
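A check for the first mitigation step, added here as an example and not part of the advisory or of the plugin: a script run through WP-CLI's eval-file that finds any installed plugin whose display name contains "Pollin" and flags versions in the affected range (up to and including 1.01.1) using WordPress's own get_plugins() and PHP's version_compare(). The file name, the match on the display name and the plugin's directory layout are assumptions.

```php
<?php
// Added example, not part of the advisory or the Pollin plugin.
// Run from the site root with WP-CLI:  wp eval-file check-pollin.php
// Matching on the plugin's display name is an assumption; adjust the
// needle if the plugin header uses a different name.

if ( ! function_exists( 'get_plugins' ) ) {
    require_once ABSPATH . 'wp-admin/includes/plugin.php';
}

// Upper bound of the affected range stated in the advisory (inclusive).
const POLLIN_MAX_AFFECTED = '1.01.1';

/**
 * Returns plugin file => name/version/active/affected for every installed
 * plugin whose name contains "pollin" (case-insensitive).
 */
function check_pollin_exposure() {
    $findings = array();
    foreach ( get_plugins() as $file => $data ) {
        if ( stripos( $data['Name'], 'pollin' ) === false ) {
            continue;
        }
        $findings[ $file ] = array(
            'name'     => $data['Name'],
            'version'  => $data['Version'],
            'active'   => is_plugin_active( $file ) || is_plugin_active_for_network( $file ),
            // version_compare() treats 1.01.1 and 1.1.1 as equal, which
            // matches how WordPress orders plugin versions for updates.
            'affected' => version_compare( $data['Version'], POLLIN_MAX_AFFECTED, '<=' ),
        );
    }
    return $findings;
}

$findings = check_pollin_exposure();

if ( empty( $findings ) ) {
    WP_CLI::success( 'No plugin named Pollin is installed.' );
} else {
    foreach ( $findings as $file => $f ) {
        $state = $f['active'] ? 'active' : 'inactive';
        if ( $f['affected'] ) {
            WP_CLI::warning( sprintf(
                '%s %s (%s, %s) is within the range affected by CVE-2024-13712; deactivate or update it.',
                $f['name'], $f['version'], $file, $state
            ) );
        } else {
            WP_CLI::log( sprintf(
                '%s %s (%s, %s) is above the affected range.',
                $f['name'], $f['version'], $file, $state
            ) );
        }
    }
}
```

An inactive copy still deserves removal: the PHP files remain on disk and a later activation by any administrator reintroduces the exposure. On multisite, run the script once per site or from the network admin, since is_plugin_active() answers only for the current site.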
Affected Countries
United States, Germany, United Kingdom, Canada, Australia, France, India, Brazil, Netherlands, Japan
Technical Details
- Data Version: 5.1
- Assigner Short Name: Wordfence
- Date Reserved: 2025-01-24T14:46:39.761Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 699f6e6ab7ef31ef0b5a03ce
Added to database: 2/25/2026, 9:49:30 PM
Last enriched: 2/25/2026, 10:31:51 PM
Last updated: 2/26/2026, 9:52:09 AM