WordPress Plugin Vulnerabilities

WP Private Messages 1.0.1 – Authenticated SQL Injection

Description

Type user access: registered user.

$_GET[‘id’] is not escaped. URL is accessible for every registered user.

Proof of Concept

Affects Plugins

Plugin icon
wp-private-messages
No known fix

References

URL
https://lenonleite.com.br/en/2016/12/16/wp-private-messages-1-0-1-plugin-wordpress-sql-injection/

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Submitter
Lenon Leite
Submitter website
http://lenonleite.com.br/
Submitter twitter
lenonleite
Verified
Yes
WPVDB ID
e4bb2d51-491d-4d84-86c7-e899a2051850

Timeline

Publicly Published
2016-12-12 (about 9 years ago)
Added
2016-12-20 (about 9 years ago)
Last Updated
2019-11-01 (about 6 years ago)

Other

Published
Title
Published
2014-08-01
Title
Cardoza WordPress poll - Multiple SQL Injection Vulnerabilities
Published
2022-10-03
Title
Blog2Social < 6.9.10 - Subscriber+ SQLi
Published
2025-12-14
Title
Store Locator WordPress < 1.6.3 - Authenticated (Contributor+) SQL Injection
Published
2014-08-01
Title
Facebook Survey Pro - timeline/index.php id Parameter SQL Injection
Published
2018-08-26
Title
Gift Voucher < 4.1.8 - Unauthenticated Blind SQL Injection