CVE-2021-24200
wpDataTables < 3.4.2 - Blind SQL Injection via length Parameter
- Public Exploits: 0
- Exploited in Wild: -
- Decision: -
Descriptions
The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low-privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, on the 'length' HTTP POST parameter. This allows an attacker to access all the data in the database and obtain access to the WordPress application. Please note that this only affects the premium version of the plugin, which shares the same slug as the free version.
CVSS Scores
SSVC
- Decision: -
Timeline
- 2021-01-14 CVE Reserved
- 2021-03-16 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-03 CVE Updated
- Exploited in Wild: -
- KEV Due Date: -
- First Exploit: -
CWE
- CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CAPEC
References (3)
URL | Tag | Source
---|---|---
https://n4nj0.github.io/advisories/wordpress-plugin-wpdatatables-ii | Third Party Advisory |
https://wpscan.com/vulnerability/21aa7e18-0162-45bf-a5c6-ceee64ffa1f9 | Third Party Advisory |

URL | Date | SRC
---|---|---
https://wpdatatables.com/help/whats-new-changelog | 2021-04-13 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Tms-outsource | Wpdatatables | < 3.4.2 | premium, wordpress | Affected