WordPress Plugin Vulnerabilities

WP Sessions Time Monitoring Full Automatic < 1.0.9 - Unauthenticated SQL injection

Description

The plugin does not sanitize the request URL or query parameters before using them in an SQL query, allowing unauthenticated attackers to extract sensitive data from the database via blind time based SQL injection techniques, or in some cases an error/union based technique.

Proof of Concept

Affects Plugins

Plugin icon
activitytime
Fixed in 1.0.9

References

CVE
CVE-2023-5203

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89
CVSS
8.2 (high)

Miscellaneous

Original Researcher
Nicolas Surribas
Submitter
Nicolas Surribas
Submitter website
https://devl00p.github.io/
Submitter twitter
devl00p
Verified
Yes
WPVDB ID
7f4f505b-2667-4e0f-9841-9c1cd0831932

Timeline

Publicly Published
2023-09-11 (about 2 years ago)
Added
2023-11-30 (about 2 years ago)
Last Updated
2023-11-30 (about 2 years ago)

Other

Published
Title
Published
2023-11-06
Title
WD WidgetTwitter <= 1.0.9 - Contributor+ SQLi
Published
2014-08-01
Title
Ads Box - iframe_ampl.php count Parameter SQL Injection
Published
2024-08-20
Title
App Builder – Create Native Android & iOS Apps On The Flight < 4.3.4 - Unauthenticated Limited SQL Injection via app-builder-search
Published
2025-02-03
Title
CWD – Stealth Links <= 1.3 - Unauthenticated SQL Injection
Published
2025-03-21
Title
WooCommerce Multivendor Marketplace – REST API < 1.6.3 - Authenticated (Subscriber+) SQL Injection