WordPress <= 4.8.2 - $wpdb->prepare() Weakness

Sign up to our free email alerts service for instant vulnerability notifications!

Description
"WordPress versions 4.8.2 and earlier are affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to this issue, but we’ve added hardening to prevent plugins and themes from accidentally causing a vulnerability. Reported by Anthony Ferrara."

Affects WordPresses

fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.7.7
fixed in version 4.7.7
fixed in version 4.7.7
fixed in version 4.7.7
fixed in version 4.7.7
fixed in version 4.7.7
fixed in version 4.7.7
fixed in version 4.6.8
fixed in version 4.6.8
fixed in version 4.6.8
fixed in version 4.6.8
fixed in version 4.6.8
fixed in version 4.6.8
fixed in version 4.6.8
fixed in version 4.6.8
fixed in version 4.5.11
fixed in version 4.5.11
fixed in version 4.5.11
fixed in version 4.5.11
fixed in version 4.5.11
fixed in version 4.5.11
fixed in version 4.5.11
fixed in version 4.5.11
fixed in version 4.5.11
fixed in version 4.5.11
fixed in version 4.5.11
fixed in version 4.4.12
fixed in version 4.4.12
fixed in version 4.4.12
fixed in version 4.4.12
fixed in version 4.4.12
fixed in version 4.4.12
fixed in version 4.4.12
fixed in version 4.4.12
fixed in version 4.4.12
fixed in version 4.4.12
fixed in version 4.4.12
fixed in version 4.4.12
fixed in version 4.3.13
fixed in version 4.3.13
fixed in version 4.3.13
fixed in version 4.3.13
fixed in version 4.3.13
fixed in version 4.3.13
fixed in version 4.3.13
fixed in version 4.3.13
fixed in version 4.3.13
fixed in version 4.3.13
fixed in version 4.3.13
fixed in version 4.3.13
fixed in version 4.3.13
fixed in version 4.2.17
fixed in version 4.2.17
fixed in version 4.2.17
fixed in version 4.2.17
fixed in version 4.2.17
fixed in version 4.2.17
fixed in version 4.2.17
fixed in version 4.2.17
fixed in version 4.2.17
fixed in version 4.2.17
fixed in version 4.2.17
fixed in version 4.2.17
fixed in version 4.2.17
fixed in version 4.2.17
fixed in version 4.2.17
fixed in version 4.2.17
fixed in version 4.2.17
fixed in version 4.1.20
fixed in version 4.1.20
fixed in version 4.1.20
fixed in version 4.1.20
fixed in version 4.1.20
fixed in version 4.1.20
fixed in version 4.1.20
fixed in version 4.1.20
fixed in version 4.1.20
fixed in version 4.1.20
fixed in version 4.1.20
fixed in version 4.1.20
fixed in version 4.1.20
fixed in version 4.1.20
fixed in version 4.1.20
fixed in version 4.1.20
fixed in version 4.1.20
fixed in version 4.1.20
fixed in version 4.1.20
fixed in version 4.1.20
fixed in version 4.0.20
fixed in version 4.0.20
fixed in version 4.0.20
fixed in version 4.0.20
fixed in version 4.0.20
fixed in version 4.0.20
fixed in version 4.0.20
fixed in version 4.0.20
fixed in version 4.0.20
fixed in version 4.0.20
fixed in version 4.0.20
fixed in version 4.0.20
fixed in version 4.0.20
fixed in version 4.0.20
fixed in version 4.0.20
fixed in version 4.0.20
fixed in version 4.0.20
fixed in version 4.0.20
fixed in version 4.0.20
fixed in version 4.0.20
fixed in version 3.9.21
fixed in version 3.9.21
fixed in version 3.9.21
fixed in version 3.9.21
fixed in version 3.9.21
fixed in version 3.9.21
fixed in version 3.9.21
fixed in version 3.9.21
fixed in version 3.9.21
fixed in version 3.9.21
fixed in version 3.9.21
fixed in version 3.9.21
fixed in version 3.9.21
fixed in version 3.9.21
fixed in version 3.9.21
fixed in version 3.9.21
fixed in version 3.9.21
fixed in version 3.9.21
fixed in version 3.9.21
fixed in version 3.9.21
fixed in version 3.9.21
fixed in version 3.8.23
fixed in version 3.8.23
fixed in version 3.8.23
fixed in version 3.8.23
fixed in version 3.8.23
fixed in version 3.8.23
fixed in version 3.8.23
fixed in version 3.8.23
fixed in version 3.8.23
fixed in version 3.8.23
fixed in version 3.8.23
fixed in version 3.8.23
fixed in version 3.8.23
fixed in version 3.8.23
fixed in version 3.8.23
fixed in version 3.8.23
fixed in version 3.8.23
fixed in version 3.8.23
fixed in version 3.8.23
fixed in version 3.8.23
fixed in version 3.8.23
fixed in version 3.8.23
fixed in version 3.8.23
fixed in version 3.7.23
fixed in version 3.7.23
fixed in version 3.7.23
fixed in version 3.7.23
fixed in version 3.7.23
fixed in version 3.7.23
fixed in version 3.7.23
fixed in version 3.7.23
fixed in version 3.7.23
fixed in version 3.7.23
fixed in version 3.7.23
fixed in version 3.7.23
fixed in version 3.7.23
fixed in version 3.7.23
fixed in version 3.7.23
fixed in version 3.7.23
fixed in version 3.7.23
fixed in version 3.7.23
fixed in version 3.7.23
fixed in version 3.7.23
fixed in version 3.7.23
fixed in version 3.7.23
fixed in version 3.7.23
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3
fixed in version 4.8.3

References

CVE 2017-16510
URL https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/
URL https://github.com/WordPress/WordPress/commit/a2693fd8602e3263b5925b9d799ddd577202167d
URL https://twitter.com/ircmaxell/status/923662170092638208
URL https://blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb-sql-injection-technical.html

Classification

Type SQLI
OWASP Top 10 A1: Injection
CWE CWE-89

Miscellaneous

Submitter ethicalhack3r
Submitter Website https://dewhurstsecurity.com/
Submitter Twitter ethicalhack3r
Views 2693
Verified No
WPVDB ID 8941

Timeline

Publicly Published 2017-10-31 (23 days ago)
Added 2017-10-31 (23 days ago)
Last Updated 2017-11-09 (14 days ago)

Copyright & License

Copyright All data and resources contained within this page and this web site is Copyright © The WPScan Team.
License Some of this data may be used for non-commercial purposes, however, any potential commercial usage of this data will require a license. If you would like to inquire about a commercial license please contact us.