Описание
The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the data_target parameter before it is being interpolated in an SQL statement and then executed via the rating_vote AJAX action (available to both unauthenticated and authenticated users), leading to an SQL Injection.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.1.0 (включая)
cpe:2.3:a:usersultra:users_ultra:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 99%
0.85972
Высокий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 9.8
github
почти 4 года назад
The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the data_target parameter before it is being interpolated in an SQL statement and then executed via the rating_vote AJAX action (available to both unauthenticated and authenticated users), leading to an SQL Injection.
EPSS
Процентиль: 99%
0.85972
Высокий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-89