WordPress Plugin Vulnerabilities

Cube Slider <= 1.2 - Admin+ SQLi

Description

The plugin does not sanitise and escape the idslider parameter before using it in various SQL queries, leading to SQL Injections exploitable by high privileged users such as admin

Proof of Concept

Affects Plugins

Plugin icon
cube-slider
No known fix

References

CVE
CVE-2022-1684
URL
https://bulletin.iese.de/post/cube-slider_1-2

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89
CVSS
6.8 (medium)

Miscellaneous

Original Researcher
Daniel Krohmer (Fraunhofer IESE, Germany), Shi Chen (University of Kaiserslautern, Germany)
Submitter
Daniel Krohmer
Submitter website
https://iese.fraunhofer.de/en.html
Verified
Yes
WPVDB ID
db7fb815-945a-41c7-8932-834cc646a806

Timeline

Publicly Published
2022-05-09 (about 3 years ago)
Added
2022-05-12 (about 3 years ago)
Last Updated
2022-05-13 (about 3 years ago)

Other

Published
Title
Published
2014-08-01
Title
WP Realty - MySQL Time Based Injection
Published
2024-11-01
Title
Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress < 1.1.17 - Authenticated (Subscriber+) SQL Injection
Published
2024-10-18
Title
Rate Own Post <= 1.0 - Authenticated (Subscriber+) SQL Injection
Published
2025-05-16
Title
Apollo <= 3.6.3 - Authenticated (Contributor+) SQL Injection
Published
2023-11-03
Title
RSVPMarker < 10.6.7 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')