WordPress Plugin Vulnerabilities

Chopslider <= 3.4 - Unauthenticated Blind SQL Injection

Description

The id parameter of the get_script/index.php page is not sanitised when used in a SQL statement, leading to an unauthenticated blind SQL Injection issue.

Vendor was contacted by researcher, on March 3rd, 2020 but no reply was received.

Proof of Concept

The PoC will be displayed once the issue has been remediated.

Affects Plugins

Plugin icon
chopslider
No known fix

References

CVE
CVE-2020-11530
URL
https://seclists.org/fulldisclosure/2020/May/26

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89
CVSS
9.3 (critical)

Miscellaneous

Original Researcher
Callum Murphy
Verified
No
WPVDB ID
f10cd7d7-6a31-48e5-994c-b100c846001a

Timeline

Publicly Published
2020-05-09 (about 4 years ago)
Added
2020-05-09 (about 4 years ago)
Last Updated
2020-05-12 (about 4 years ago)

Other

Published
Title
Published
2015-11-24
Title
WordPress Meta Robots <= 2.1 - Authenticated Blind SQL Injection
Published
2019-07-11
Title
AdRotate Banner Manager <= 5.2 - Authenticated SQL Injection
Published
2014-08-01
Title
Wordpress 2.2 - XML-RPC SQL Injection
Published
2015-07-08
Title
WP Shop <= 3.4.3.15 - Unauthenticated Blind SQL Injection
Published
2023-12-21
Title
Pre* Party Resource Hints < 1.8.20 - Admin+ SQLi