Description: The WP Post Author – Boost Your Blog's Engagement with Author Box, Social Links, Co-Authors, Guest Authors, Post Rating System, and Custom User Registration Form Builder plugin for WordPress is vulnerable to time-based SQL Injection via the linked_user_id parameter in all versions up to, and including, 3.8.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
CVE-2024-8757
Published Date: 2024-10-12T10:15:02.687
Last Modified: 2024-10-12T10:15:02.687
CVSS Score: 7.2 (HIGH)
EPSS Score: N/A
Risk Score: N/A
Risk Score based on CVSS score and EPSS. This score is for reference purposes and is not internationally recognized.
CVSS:
7.2 |
EPSS:
0%
Mitre ATT&CK Technical v15.1
T1053.002 – At
Technical Analysis & Mitigation Measures
Technical Attack Analysis:
– Attack Technique : The vulnerability allows for time-based SQL injection, which can enable an attacker to manipulate SQL queries by injecting malicious code through the `linked_user_id` parameter.
– Possible Outcomes of Exploitation :
– Data Exfiltration : Attackers can access sensitive information stored in the database, such as user credentials, personal information, or other confidential data.
– Database Manipulation : Attackers may alter or delete data, compromising the integrity of the website and its content.
– Privilege Escalation : By executing arbitrary SQL commands, attackers could potentially gain elevated privileges or access levels beyond their current authentication.
– Denial of Service : Maliciously crafted SQL queries could lead to performance degradation or downtime of the web application.
– Persistent Threats : Attackers could insert backdoors or other malicious scripts into the database for future exploitation.
Mitigation Measures:
– Validate and sanitize all user inputs to prevent injection attacks.
– Use prepared statements or parameterized queries for database interactions.
– Implement web application firewalls (WAF) to monitor and filter out malicious traffic.
– Regularly update and patch the WordPress plugin to address known vulnerabilities.
– Restrict database permissions to the minimum necessary for users.
– Employ logging and monitoring to detect unusual database activity.
– Conduct regular security audits and vulnerability assessments on web applications.
The content above is generated by AI. Please review and consider carefully before applying!
Reference Links
https://github.com/GumGumZz/wordpress/blob/main/wp-post-author.md
https://plugins.trac.wordpress.org/browser/wp-post-author/trunk/includes/multi-authors/wpa-multi-authors.php#L182
https://plugins.trac.wordpress.org/changeset/3166002/wp-post-author/trunk/includes/multi-authors/wpa-multi-authors.php
https://www.wordfence.com/threat-intel/vulnerabilities/id/d667bafc-5f19-4889-a988-236df050c013?source=cve
Vendor - Produce - Version
None
Disclaimer
The content on this website is automatically sourced from external websites such as the National Vulnerability Database (NVD), GitHub, and other security-related sources. This content is for reference purposes only, and we are not responsible for the accuracy or integrity of the information linked or displayed from these sources.