High-Tech Bridge SA Security Research Lab has discovered a vulnerability in the cdnvote WordPress plugin which could be exploited to perform SQL injection attacks.
1) SQL injection vulnerability in cdnvote
The vulnerability exists due to input sanitization errors in the "cdnvote_point" parameter in wp-content/plugins/cdnvote/cdnvote-post.php. A remote attacker can send a specially crafted HTTP request to the vulnerable script and execute arbitrary SQL commands in the application's database. Successful exploitation may allow an attacker to read, modify, add or delete arbitrary data in the database.
<form action="http://[host]/wp-content/plugins/cdnvote/cdnvote-post.php" method="post" name="main" >
<input type="hidden" name="cdnvote_post_id" value="SQL_CODE_HERE" />
<input type="hidden" name="cdnvote_point" value="OR_HERE" />
<input type="submit" value="Register" name="submit" />
</form>
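The fix for the two parameters in the form above is strict integer validation followed by bound query parameters. The following is an added example, not the plugin's code: it contrasts string concatenation with a hardened handler on an in-memory SQLite database. The `votes` table, its columns, the 1-5 point range and the function names are assumptions made for illustration.

```php
<?php
// Added example: the table, columns and 1-5 point range are assumptions,
// not taken from the cdnvote plugin. Sample data is constructed.

function make_db(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE votes (post_id INTEGER PRIMARY KEY, points INTEGER NOT NULL)');
    $db->exec('INSERT INTO votes VALUES (1, 10), (2, 20)');
    return $db;
}

// Vulnerable pattern: request values are concatenated into the SQL text,
// so anything after the number is parsed as SQL.
function vote_unsafe(PDO $db, array $post): void {
    $db->exec('UPDATE votes SET points = points + ' . $post['cdnvote_point']
        . ' WHERE post_id = ' . $post['cdnvote_post_id']);
}

// Hardened pattern: strict integer validation, then bound parameters.
function vote_safe(PDO $db, array $post): bool {
    $id = filter_var($post['cdnvote_post_id'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]);
    $pt = filter_var($post['cdnvote_point'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1, 'max_range' => 5]]);
    if ($id === false || $pt === false) {
        return false; // reject instead of trying to "clean" the value
    }
    $st = $db->prepare('UPDATE votes SET points = points + :pt WHERE post_id = :id');
    $st->bindValue(':pt', $pt, PDO::PARAM_INT);
    $st->bindValue(':id', $id, PDO::PARAM_INT);
    $st->execute();
    return $st->rowCount() === 1;
}

function points(PDO $db): array {
    return $db->query('SELECT points FROM votes ORDER BY post_id')->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed request body: one vote for post 1 with trailing SQL appended.
$request = ['cdnvote_post_id' => '1 OR 1=1', 'cdnvote_point' => '1'];

$db = make_db(); // concatenation: the WHERE clause now matches every row
vote_unsafe($db, $request);
echo 'unsafe: ', json_encode(points($db)), PHP_EOL;

$db = make_db(); // validation fails on the post id, no query is executed
var_dump(vote_safe($db, $request));
echo 'safe:   ', json_encode(points($db)), PHP_EOL;
```

Inside WordPress the same approach is expressed with `$wpdb->prepare()` and `%d` placeholders instead of PDO.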