A high-severity vulnerability has been identified in the Codedraft Mediabay WordPress plugin, which could allow an attacker to steal sensitive information from the website's database. This flaw, a Blind SQL Injection, can be exploited remotely to access user data, customer information, or other confidential content, potentially leading to a full compromise of the affected website. Immediate patching is required to mitigate the significant risk of a data breach.

The vulnerability is a Blind SQL Injection within the Codedraft Mediabay plugin. An unauthenticated or authenticated attacker (depending on the specific vulnerable function) can send specially crafted input to the plugin. The application fails to properly sanitize this input before incorporating it into a database query, allowing the attacker's malicious SQL commands to be executed. Because this is a "blind" injection, the attacker does not receive direct output from the database but can infer data by observing the application's responses, such as time delays or boolean (true/false) changes, to slowly exfiltrate sensitive information like user credentials, hashed passwords, or other confidential data stored in the database.

This vulnerability is rated as High severity with a CVSS score of 8.5. Successful exploitation could have a severe business impact, including a significant data breach leading to the theft of customer information, user credentials, and other proprietary data. This could result in direct financial loss, reputational damage, loss of customer trust, and potential regulatory fines under data protection laws like GDPR or CCPA. An attacker could also potentially escalate their privileges to gain administrative control over the WordPress site, leading to website defacement, malware distribution, or a complete system takeover.

Immediate Action: Immediately update the Codedraft Mediabay WordPress plugin to the latest version provided by the developer, which contains a patch for this vulnerability. After patching, review the plugin's settings to ensure they are configured securely. If the plugin is not critical to business operations, consider deactivating and removing it to reduce the overall attack surface.

Proactive Monitoring: Monitor Web Application Firewall (WAF) and web server access logs for suspicious requests targeting the Mediabay plugin's functionality, looking for patterns indicative of SQL injection (e.g., use of SQL keywords, time-delay functions like SLEEP() or BENCHMARK()). Monitor database server logs for abnormally slow or malformed queries, which can be a sign of an ongoing blind SQL injection attack.

Compensating Controls: If immediate patching is not feasible, implement a Web Application Firewall (WAF) with a robust SQL injection rule set to block malicious requests. Ensure the database user account for the WordPress application operates with the principle of least privilege and cannot perform actions outside of its required scope.

Public Exploit Available: false

Due to the high severity (CVSS 8.5) of this vulnerability and the significant risk of data exfiltration and website compromise, it is strongly recommended that organizations prioritize patching this flaw immediately. All internet-facing WordPress sites using the Codedraft Mediabay plugin should be identified and updated without delay. While this vulnerability is not currently listed on the CISA KEV catalog, its critical nature warrants urgent attention to prevent potential exploitation.