CVE-2021-43408

Exploit

EPSS 31.28%
Veröffentlicht 19.11.2021 16:15:07
Zuletzt bearbeitet 21.11.2024 06:29:11
Quelle info@appcheck-ng.com
CVE-Watchlists
Login
Unerledigt
Login

Duplicate Post WordPress Plugin <= 1.1.9 - SQL Injection

The "Duplicate Post" WordPress plugin up to and including version 1.1.9 is vulnerable to SQL Injection. SQL injection vulnerabilities occur when client supplied data is included within an SQL Query insecurely. SQL Injection can typically be exploited to read, modify and delete SQL table data. In many cases it also possible to exploit features of SQL server to execute system commands and/or access the local file system. This particular vulnerability can be exploited by any authenticated user who has been granted access to use the Duplicate Post plugin. By default, this is limited to Administrators, however the plugin presents the option to permit access to the Editor, Author, Contributor and Subscriber roles.

Mögliche Gegenmaßnahme

Duplicate Post: Update to version 1.2.0, or a newer patched version

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 6

Weitere Schwachstelleninformationen

SystemWordPress Plugin

≫

Produkt Duplicate Post

Version [*, 1.2.0)

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Duplicate Post Project ≫ Duplicate Post SwPlatformwordpress Version <= 1.1.9

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	31.28%	0.963

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	9	8	10	AV:N/AC:L/Au:S/C:C/I:C/A:C
info@appcheck-ng.com	6.5	1.2	5.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

https://appcheck-ng.com/security-advisory-duplicate-post-wordpress-plugin-sql-injection-vulnerability/

Third Party Advisory

Exploit

https://plugins.trac.wordpress.org/browser/copy-delete-posts/tags/1.2.0/post/handler.php#L510

Third Party Advisory

https://www.wordfence.com/threat-intel/vulnerabilities/id/e7a0b40b-560a-4f2a-ad6d-6b2284fd5f25

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-43408

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-43408

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-43408

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2021-43408