CVE-2017-1002002 in webapp-builder
Summary
by MITRE
Vulnerability in WordPress plugin webapp-builder v2.0. The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com/
Analysis
by VulDB Data Team • 09/13/2025
The vulnerability identified in CVE-2017-1002002 represents a critical security flaw within the WordPress plugin webapp-builder version 2.0, which incorporates unauthorized third-party content management system software from invedion.com. This issue constitutes a supply chain attack vector where malicious code is embedded within legitimate software components, creating an inherent risk for all WordPress installations utilizing this plugin. The vulnerability arises from the inclusion of unlicensed software without proper security vetting, establishing a persistent threat vector that extends beyond the immediate plugin functionality.
The technical flaw manifests through the integration of vulnerable CMS software that contains known security weaknesses and potential backdoors. This unlicensed software component creates multiple attack surfaces within the WordPress environment, as it likely includes outdated code libraries, unpatched security vulnerabilities, and potentially malicious functionality. The vulnerability falls under the category of software supply chain compromise, where the legitimate plugin serves as a vehicle for delivering malicious or insecure code to target systems. This pattern aligns with CWE-502, which addresses deserialization of untrusted data, and CWE-829, which covers inclusion of functionality from an untrusted source.
The operational impact of this vulnerability extends far beyond the immediate plugin functionality, as it creates persistent security risks for WordPress installations. Attackers can exploit the unlicensed CMS software to gain unauthorized access to systems, potentially leading to complete compromise of the WordPress installation. The vulnerability enables various attack vectors including remote code execution, privilege escalation, and data exfiltration. Organizations using this plugin face significant risk of credential theft, website defacement, and unauthorized access to sensitive data stored within the WordPress environment. This vulnerability directly impacts the CIA triad by compromising confidentiality, integrity, and availability of the affected systems.
Mitigation strategies for this vulnerability require immediate action, including complete removal of the webapp-builder plugin from all WordPress installations, followed by thorough security auditing of affected systems. System administrators should implement comprehensive patch management procedures to ensure all WordPress core components and plugins are updated to their latest secure versions. The remediation process must include verification that no remnants of the vulnerable software remain within the WordPress installation directory. Additionally, organizations should implement network monitoring to detect any suspicious activity that may indicate compromise from the unlicensed software component. This vulnerability demonstrates the critical importance of software supply chain security and aligns with ATT&CK technique T1190 which covers exploit for client execution, emphasizing the need for strict software vetting processes and regular security assessments.
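One way to carry out the remnant verification described above, as an added example that is not part of the original entry or of any vendor tooling. It assumes the plugin was installed under its slug `webapp-builder` inside a standard `wp-content` tree; the function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: report leftovers of the webapp-builder plugin in WordPress trees.
# Assumption: leftovers carry the plugin slug "webapp-builder" in their name
# somewhere below wp-content/ (plugin directory, uploaded archive, backup copy).

# Print every file or directory under <wp_root>/wp-content whose name starts
# with "webapp-builder" (case-insensitive). A matching directory is reported
# once and not descended into.
list_remnants() {
    local wp_root=$1
    [ -d "$wp_root/wp-content" ] || return 0
    find "$wp_root/wp-content" -iname 'webapp-builder*' -print -prune 2>/dev/null | sort
}

# Return 0 when the tree is clean, 1 when remnants exist,
# 2 when the path has no wp-content directory.
check_wp_root() {
    local wp_root=$1 hits
    if [ ! -d "$wp_root/wp-content" ]; then
        echo "SKIP  $wp_root (no wp-content directory)" >&2
        return 2
    fi
    hits=$(list_remnants "$wp_root")
    if [ -n "$hits" ]; then
        echo "FOUND $wp_root"
        printf '%s\n' "$hits" | sed 's/^/      /'
        return 1
    fi
    echo "CLEAN $wp_root"
    return 0
}

# Check every root given on the command line; non-zero if any is not clean.
main() {
    local rc=0 root
    for root in "$@"; do
        check_wp_root "$root" || rc=1
    done
    return "$rc"
}

# Run only when WordPress roots are passed as arguments.
if [ "$#" -gt 0 ]; then
    main "$@"
    exit $?
fi
```

Pass one or more WordPress document roots as arguments; a non-zero exit status means at least one root still contains files carrying the plugin slug or could not be checked.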