Описание
The SQL injection vulnerability in the Hide My WP WordPress plugin (versions <= 6.2.3) is possible because of how the IP address is retrieved and used inside a SQL query. The function "hmwp_get_user_ip" tries to retrieve the IP address from multiple headers, including IP address headers that the user can spoof, such as "X-Forwarded-For." As a result, the malicious payload supplied in one of these IP address headers will be directly inserted into the SQL query, making SQL injection possible.
Ссылки
- Product
- PatchThird Party Advisory
- ExploitThird Party Advisory
- Product
- PatchThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
EPSS
8.6 High
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
Связанные уязвимости
The SQL injection vulnerability in the Hide My WP WordPress plugin (versions <= 6.2.3) is possible because of how the IP address is retrieved and used inside a SQL query. The function "hmwp_get_user_ip" tries to retrieve the IP address from multiple headers, including IP address headers that the user can spoof, such as "X-Forwarded-For." As a result, the malicious payload supplied in one of these IP address headers will be directly inserted into the SQL query, making SQL injection possible.
EPSS
8.6 High
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2