WordPress 2.3.0-4.7.4 - Authenticated SQL injection

Description

Due bad solution of the database abstraction library WordPress exposes itself towards SQL Injection and validation bypass. Beside WordPress itself this issue have huge impact towards complete WP ecosystem.

Up to WordPress 4.8.1 is vulnerable, but this time attack is dependent from another plugins / themes / setup.

Affects WordPresses

4.7.4

fixed in version 4.7.5

4.7.3

fixed in version 4.7.5

4.7.2

fixed in version 4.7.5

4.7.1

fixed in version 4.7.5

4.7

fixed in version 4.7.5

4.6.6

fixed in version 4.7.5

4.6.5

fixed in version 4.7.5

4.6.4

fixed in version 4.7.5

4.6.3

fixed in version 4.7.5

4.6.2

fixed in version 4.7.5

4.6.1

fixed in version 4.7.5

4.6

fixed in version 4.7.5

4.5.9

fixed in version 4.7.5

4.5.8

fixed in version 4.7.5

4.5.7

fixed in version 4.7.5

4.5.6

fixed in version 4.7.5

4.5.5

fixed in version 4.7.5

4.5.4

fixed in version 4.7.5

4.5.3

fixed in version 4.7.5

4.5.2

fixed in version 4.7.5

4.5.1

fixed in version 4.7.5

4.5

fixed in version 4.7.5

4.4.9

fixed in version 4.7.5

4.4.8

fixed in version 4.7.5

4.4.7

fixed in version 4.7.5

4.4.6

fixed in version 4.7.5

4.4.5

fixed in version 4.7.5

4.4.4

fixed in version 4.7.5

4.4.3

fixed in version 4.7.5

4.4.2

fixed in version 4.7.5

4.4.10

fixed in version 4.7.5

4.4.1

fixed in version 4.7.5

4.4

fixed in version 4.7.5

4.3.9

fixed in version 4.7.5

4.3.8

fixed in version 4.7.5

4.3.7

fixed in version 4.7.5

4.3.6

fixed in version 4.7.5

4.3.5

fixed in version 4.7.5

4.3.4

fixed in version 4.7.5

4.3.3

fixed in version 4.7.5

4.3.2

fixed in version 4.7.5

4.3.11

fixed in version 4.7.5

4.3.10

fixed in version 4.7.5

4.3.1

fixed in version 4.7.5

4.3

fixed in version 4.7.5

4.2.9

fixed in version 4.7.5

4.2.8

fixed in version 4.7.5

4.2.7

fixed in version 4.7.5

4.2.6

fixed in version 4.7.5

4.2.5

fixed in version 4.7.5

4.2.4

fixed in version 4.7.5

4.2.3

fixed in version 4.7.5

4.2.2

fixed in version 4.7.5

4.2.15

fixed in version 4.7.5

4.2.14

fixed in version 4.7.5

4.2.13

fixed in version 4.7.5

4.2.12

fixed in version 4.7.5

4.2.11

fixed in version 4.7.5

4.2.10

fixed in version 4.7.5

4.2.1

fixed in version 4.7.5

4.2

fixed in version 4.7.5

4.1.9

fixed in version 4.7.5

4.1.8

fixed in version 4.7.5

4.1.7

fixed in version 4.7.5

4.1.6

fixed in version 4.7.5

4.1.5

fixed in version 4.7.5

4.1.4

fixed in version 4.7.5

4.1.3

fixed in version 4.7.5

4.1.2

fixed in version 4.7.5

4.1.18

fixed in version 4.7.5

4.1.17

fixed in version 4.7.5

4.1.16

fixed in version 4.7.5

4.1.15

fixed in version 4.7.5

4.1.14

fixed in version 4.7.5

4.1.13

fixed in version 4.7.5

4.1.12

fixed in version 4.7.5

4.1.11

fixed in version 4.7.5

4.1.10

fixed in version 4.7.5

4.1.1

fixed in version 4.7.5

4.1

fixed in version 4.7.5

4.0.9

fixed in version 4.7.5

4.0.8

fixed in version 4.7.5

4.0.7

fixed in version 4.7.5

4.0.6

fixed in version 4.7.5

4.0.5

fixed in version 4.7.5

4.0.4

fixed in version 4.7.5

4.0.3

fixed in version 4.7.5

4.0.2

fixed in version 4.7.5

4.0.18

fixed in version 4.7.5

4.0.17

fixed in version 4.7.5

4.0.16

fixed in version 4.7.5

4.0.15

fixed in version 4.7.5

4.0.14

fixed in version 4.7.5

4.0.13

fixed in version 4.7.5

4.0.12

fixed in version 4.7.5

4.0.11

fixed in version 4.7.5

4.0.10

fixed in version 4.7.5

4.0.1

fixed in version 4.7.5

4.0

fixed in version 4.7.5

3.9.9

fixed in version 4.7.5

3.9.8

fixed in version 4.7.5

3.9.7

fixed in version 4.7.5

3.9.6

fixed in version 4.7.5

3.9.5

fixed in version 4.7.5

3.9.4

fixed in version 4.7.5

3.9.3

fixed in version 4.7.5

3.9.2

fixed in version 4.7.5

3.9.19

fixed in version 4.7.5

3.9.18

fixed in version 4.7.5

3.9.17

fixed in version 4.7.5

3.9.16

fixed in version 4.7.5

3.9.15

fixed in version 4.7.5

3.9.14

fixed in version 4.7.5

3.9.13

fixed in version 4.7.5

3.9.12

fixed in version 4.7.5

3.9.11

fixed in version 4.7.5

3.9.10

fixed in version 4.7.5

3.9.1

fixed in version 4.7.5

3.9

fixed in version 4.7.5

3.8.9

fixed in version 4.7.5

3.8.8

fixed in version 4.7.5

3.8.7

fixed in version 4.7.5

3.8.6

fixed in version 4.7.5

3.8.5

fixed in version 4.7.5

3.8.4

fixed in version 4.7.5

3.8.3

fixed in version 4.7.5

3.8.21

fixed in version 4.7.5

3.8.20

fixed in version 4.7.5

3.8.2

fixed in version 4.7.5

3.8.19

fixed in version 4.7.5

3.8.18

fixed in version 4.7.5

3.8.17

fixed in version 4.7.5

3.8.16

fixed in version 4.7.5

3.8.15

fixed in version 4.7.5

3.8.14

fixed in version 4.7.5

3.8.13

fixed in version 4.7.5

3.8.12

fixed in version 4.7.5

3.8.11

fixed in version 4.7.5

3.8.10

fixed in version 4.7.5

3.8.1

fixed in version 4.7.5

3.8

fixed in version 4.7.5

3.7.9

fixed in version 4.7.5

3.7.8

fixed in version 4.7.5

3.7.7

fixed in version 4.7.5

3.7.6

fixed in version 4.7.5

3.7.5

fixed in version 4.7.5

3.7.4

fixed in version 4.7.5

3.7.3

fixed in version 4.7.5

3.7.21

fixed in version 4.7.5

3.7.20

fixed in version 4.7.5

3.7.2

fixed in version 4.7.5

3.7.19

fixed in version 4.7.5

3.7.18

fixed in version 4.7.5

3.7.17

fixed in version 4.7.5

3.7.16

fixed in version 4.7.5

3.7.15

fixed in version 4.7.5

3.7.14

fixed in version 4.7.5

3.7.13

fixed in version 4.7.5

3.7.12

fixed in version 4.7.5

3.7.11

fixed in version 4.7.5

3.7.10

fixed in version 4.7.5

3.7.1

fixed in version 4.7.5

3.7

fixed in version 4.7.5

3.6.1

fixed in version 4.7.5

3.6

fixed in version 4.7.5

3.5.2

fixed in version 4.7.5

3.5.1

fixed in version 4.7.5

3.5

fixed in version 4.7.5

3.4.2

fixed in version 4.7.5

3.4.1

fixed in version 4.7.5

3.4

fixed in version 4.7.5

3.3.3

fixed in version 4.7.5

3.3.2

fixed in version 4.7.5

3.3.1

fixed in version 4.7.5

3.3

fixed in version 4.7.5

3.2.1

fixed in version 4.7.5

3.2

fixed in version 4.7.5

3.1.4

fixed in version 4.7.5

3.1.3

fixed in version 4.7.5

3.1.2

fixed in version 4.7.5

3.1.1

fixed in version 4.7.5

3.1

fixed in version 4.7.5

3.0.6

fixed in version 4.7.5

3.0.5

fixed in version 4.7.5

3.0.4

fixed in version 4.7.5

3.0.3

fixed in version 4.7.5

3.0.2

fixed in version 4.7.5

3.0.1

fixed in version 4.7.5

3.0

fixed in version 4.7.5

2.9.2

fixed in version 4.7.5

2.9.1

fixed in version 4.7.5

2.9

fixed in version 4.7.5

2.8.6

fixed in version 4.7.5

2.8.5

fixed in version 4.7.5

2.8.4

fixed in version 4.7.5

2.8.3

fixed in version 4.7.5

2.8.2

fixed in version 4.7.5

2.8.1

fixed in version 4.7.5

2.8

fixed in version 4.7.5

2.7.1

fixed in version 4.7.5

2.7

fixed in version 4.7.5

2.6.5

fixed in version 4.7.5

2.6.3

fixed in version 4.7.5

2.6.2

fixed in version 4.7.5

2.6.1

fixed in version 4.7.5

2.6

fixed in version 4.7.5

2.5.1

fixed in version 4.7.5

2.5

fixed in version 4.7.5

2.3.3

fixed in version 4.7.5

2.3.2

fixed in version 4.7.5

2.3.1

fixed in version 4.7.5

2.3

fixed in version 4.7.5

References

URL	https://medium.com/websec/wordpress-sqli-bbb2afcc8e94
URL	https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
URL	https://github.com/WordPress/WordPress/commit/70b21279098fc973eae803693c0705a548128e48
URL	https://wpvulndb.com/vulnerabilities/8905

Classification

Type	SQLI
OWASP Top 10	A1: Injection
CWE	CWE-89

Miscellaneous

Submitter	Slavco
Submitter Website	https://medium.com/websec
Submitter Twitter	mslavco
Views	5237
Verified	No
WPVDB ID	8906

Timeline

Publicly Published	2017-08-24 (10 months ago)
Added	2017-09-20 (9 months ago)
Last Updated	2017-09-20 (9 months ago)

Copyright & License

Copyright	All data and resources contained within this page and this web site is Copyright © The WPScan Team.
License	Some of this data may be used for non-commercial purposes, however, any potential commercial usage of this data will require a license. If you would like to inquire about a commercial license please contact us.