Lucene search
WpvulndbWPVDB-ID:4A27D374-F690-4A8A-987A-9E0F56BBE143HistoryOct 16, 2021 - 12:00 a.m.
Speed Booster Pack < 4.3.3.1 - Admin+ SQL Injection
2021-10-1600:00:00
wpscan.com
6
0.001 Low
EPSS
Percentile
37.9%
The plugin does not escape the sbp_convert_table_name parameter before using it in a SQL statement to convert the related table, leading to an SQL injection
PoC
https://example.com/wp-admin/admin-ajax.php?action=sbp_database_action&sbp;_action=convert_tables&sbp;_convert_table_name=SQLi&nonce;=b2d6208254 The nonce is obtained when Converting a table to InnoDB (/wp-admin/admin.php?page=sbp-settings#tab=database-optimization) and capturing the request
| CPE | Name | Operator | Version |
|---|---|---|---|
| speed-booster-pack | lt | 4.3.3.1 |
Related
patchstack
patchstack
nvd
nvd
CVE-2021-25023
2022-01-03 13:15:09
prion
prion
Sql injection
2022-01-03 13:15:00
cvelist
cvelist
CVE-2021-25023 Speed Booster Pack < 4.3.3.1 - Admin+ SQL Injection
2022-01-03 12:49:15
cve
cve
CVE-2021-25023
2022-01-03 13:15:09
wpexploit
wpexploit
Speed Booster Pack < 4.3.3.1 - Admin+ SQL Injection
2021-10-16 00:00:00
cnvd
cnvd
WordPress SQL Injection Vulnerability (CNVD-2022-03213)
2022-01-07 00:00:00