CVE-2023-2237

2023-06-0906:16:05

[email protected]

web.nvd.nist.gov

wp replicate post

sql injection

wordpress

database

vulnerability

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.8

Confidence

High

EPSS

0.002

Percentile

55.4%

JSON

The WP Replicate Post plugin for WordPress is vulnerable to SQL Injection via the post_id parameter in versions up to, and including, 4.0.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for contributor-level attackers or higher to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Affected configurations

Nvd

Node

yudizwp_replicate_postRange≤4.0.2wordpress

VendorProductVersionCPE
yudizwp_replicate_post*cpe:2.3:a:yudiz:wp_replicate_post:*:*:*:*:*:wordpress:*:*

Vendor	Product	Version	CPE
yudiz	wp_replicate_post	*	cpe:2.3:a:yudiz:wp_replicate_post::::::wordpress::*

References

plugins.trac.wordpress.org/browser/wp-replicate-post/trunk/init/functions.php#L81

plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2910474%40wp-replicate-post%2Ftrunk&old=2896518%40wp-replicate-post%2Ftrunk&sfp_email=&sfph_mail=#file3

www.wordfence.com/threat-intel/vulnerabilities/id/916e6f8b-cb29-4062-9a05-0337cfdb382a?source=cve