WordPress Plugin Vulnerabilities

Simple Membership WP < 1.8 - Admin+ SQLi

Description

The plugin does not properly sanitise and escape the orderby parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin

Affects Plugins

Plugin icon
simple-membership-wp-user-import
Fixed in 1.8

References

CVE
CVE-2023-0254

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89
CVSS
4.1 (medium)

Miscellaneous

Original Researcher
Etan Imanol Castro Aldrete
Verified
No
WPVDB ID
9de160f4-cef6-4620-9748-0c110eca7590

Timeline

Publicly Published
2023-01-12 (about 3 years ago)
Added
2023-01-12 (about 3 years ago)
Last Updated
2023-01-12 (about 3 years ago)

Other

Published
Title
Published
2023-09-18
Title
wpDiscuz < 7.6.6 - Unauthenticated SQL Injection
Published
2025-01-16
Title
Menus Plus+ <= 1.9.6 - Authenticated (Subscriber+) SQL Injection
Published
2014-08-01
Title
post highlights <= 2.2 - SQL Injection
Published
2024-10-31
Title
5 Stars Rating Funnel <= 1.4.01 - Authenticated (Contributor+) SQL Injection
Published
2023-01-13
Title
Custom 404 Pro < 3.7.1 - Admin+ SQLi