WordPress Plugin Vulnerabilities

SpiderCatalog <= 1.7.3 - Admin+ SQL Injection

Description

The plugin does not sanitise or escape the 'parent' and 'ordering' parameters from the admin dashboard before using them in a SQL statement, leading to a SQL injection when adding a category

Proof of Concept

Affects Plugins

Plugin icon
catalog
No known fix

References

CVE
CVE-2021-24625
URL
https://codevigilant.com/disclosure/2021/wp-plugin-catalog/

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89
CVSS
6.8 (medium)

Miscellaneous

Original Researcher
Shreya Pohekar of Codevigilant Project
Verified
Yes
WPVDB ID
33e4d7c6-fa6f-459f-84b9-732ec40088b8

Timeline

Publicly Published
2021-10-07 (about 4 years ago)
Added
2021-10-07 (about 4 years ago)
Last Updated
2022-04-12 (about 3 years ago)

Other

Published
Title
Published
2022-01-27
Title
GWA AutoResponder <= 2.3 - Unauthenticated SQL Injection
Published
2025-01-07
Title
Virtual Bot <= 1.0.0 - Unauthenticated SQL Injection
Published
2014-09-07
Title
Spider Facebook < 1.0.10 - Authenticated SQL Injection
Published
2024-12-13
Title
WP Job Portal < 2.2.3 - Unauthenticated SQL Injection
Published
2020-06-12
Title
wpDiscuz < 5.3.6 - Unauthenticated SQL Injection