What is GHSA-4mxv-55rp-8c89?

GHSA-4mxv-55rp-8c89 is a security advisory published by GitHub Security Advisories with High severity. Answer My Question 1.3 plugin for WordPress contains an SQL injection vulnerability that allows...

Which CVE IDs does GHSA-4mxv-55rp-8c89 cover?

GHSA-4mxv-55rp-8c89 covers the following CVE IDs: CVE-2016-20073. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-4mxv-55rp-8c89?

GHSA-4mxv-55rp-8c89 has a CVSS v3 base score of 8.2, published by GitHub Security Advisories.

GHSA-4mxv-55rp-8c89HighCVSS 8.2

Answer My Question 1.3 plugin for WordPress contains an SQL injection vulnerability that allows...

Vendor

GitHub Security Advisories

Published

June 15, 2026

Last Modified

June 15, 2026

🔗 CVE IDs covered (1)

CVE-2016-20073 →

📋 Description

Answer My Question 1.3 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' POST parameter. Attackers can submit crafted SQL statements to the modal.php endpoint to extract sensitive database information including WordPress terms and configuration data.

🔗 References (6)

https://nvd.nist.gov/vuln/detail/CVE-2016-20073
https://wordpress.org/plugins/answer-my-question
https://www.exploit-db.com/exploits/40771
https://www.vulncheck.com/advisories/answer-my-question-plugin-wordpress-sql-injection-via-modal-php
http://lenonleite.com.br
https://github.com/advisories/GHSA-4mxv-55rp-8c89