Categories
Security

SQLi Vulnerability in YITH WooCommerce Wishlist

As part of our regular research audits for our Sucuri Firewall, we discovered an SQL Injection vulnerability affecting the YITH WooCommerce Wishlist plugin for WordPress. This plugin allows visitors and potential customers to make wish lists containing products in the WooCommerce store, and is currently installed on 500,000+ websites.

Are You at Risk?

This vulnerability is caused by a lack of sanitization of user-provided data in versions below 2.2.0.

Continue reading SQLi Vulnerability in YITH WooCommerce Wishlist at Sucuri Blog.

SQL Injection in bbPress

During regular audits of our Sucuri Firewall (WAF), one of our researchers at the time, Slavco Mihajloski, discovered an SQL Injection vulnerability affecting bbPress. If the right conditions are met, this vulnerability is very easy for any visitor to the victim’s website to abuse.

Because details about this vulnerability were made public today in a HackerOne report, and updating to the latest version of WordPress fixes the root cause of the problem, we chose to disclose this bug and make the details public as well.

Continue reading SQL Injection in bbPress at Sucuri Blog.

SQL Injection Vulnerability in WP Statistics

As part of a vulnerability research project for our Sucuri Firewall, we have been auditing popular open source projects looking for security issues.

While working on the WordPress plugin WP Statistics, we discovered a SQL Injection vulnerability. This plugin is currently installed on 300,000+ websites.

Are You at Risk?

This vulnerability is caused by a lack of sanitization of user-provided data. An attacker with at least a subscriber account could leak sensitive data and, under the right circumstances or configurations, compromise your WordPress installation.

Continue reading SQL Injection Vulnerability in WP Statistics at Sucuri Blog.

SQL Injection Vulnerability in NextGEN Gallery for WordPress

As part of a vulnerability research project for our Sucuri Firewall (WAF), we have been auditing multiple open source projects looking for security issues. While working on the WordPress plugin NextGEN Gallery, we discovered a severe SQL Injection vulnerability. It allows an unauthenticated attacker to read data from the victim’s website database, including sensitive user information.

Are You at Risk?

This vulnerability can be exploited by attackers in at least two different scenarios:

  1. If you use a NextGEN Basic TagCloud Gallery on your site, or
  2. If you allow your users to submit posts to be reviewed (contributors).

Continue reading SQL Injection Vulnerability in NextGEN Gallery for WordPress at Sucuri Blog.
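The root cause named in the YITH WooCommerce Wishlist, WP Statistics and NextGEN Gallery posts above is the same: request data reaching a SQL query without being bound or validated. The following is a constructed illustration of that bug class in a WordPress plugin, a vulnerable query beside its hardened form. It is added example code, not code from any of those plugins and not Sucuri's; it assumes it is loaded inside a WordPress plugin (so the global `$wpdb` exists), and the function names, the hypothetical table `{$wpdb->prefix}demo_items`, the AJAX hook names and the request parameters are all assumptions.

```php
<?php
/*
 * Added illustration only. Not the code of YITH WooCommerce Wishlist,
 * WP Statistics or NextGEN Gallery, and it does not reproduce their bugs.
 * Assumes it runs inside a WordPress plugin (global $wpdb available).
 * Function names, the table {$wpdb->prefix}demo_items, hook names and
 * request parameters are hypothetical.
 */

// Vulnerable pattern: request values are interpolated straight into SQL.
// A $list_id of  1 OR 1=1  rewrites the WHERE clause, and a UNION SELECT
// can pull rows from other tables (user data included). $sort and $dir show
// that identifiers and keywords can be injected as well as values.
function demo_items_vulnerable( $list_id, $sort, $dir ) {
    global $wpdb;
    $table = $wpdb->prefix . 'demo_items'; // hypothetical table
    $sql   = "SELECT product_id FROM {$table}
              WHERE list_id = {$list_id}
              ORDER BY {$sort} {$dir}";
    return $wpdb->get_col( $sql );
}

// Hardened pattern.
//  - Values are bound with $wpdb->prepare(): %d casts to int (so "1 OR 1=1"
//    becomes 1); %s is escaped and quoted by prepare() itself, so never add
//    your own quotes around %s.
//  - prepare() cannot bind identifiers or keywords, so the column name and
//    sort direction are checked against a fixed allowlist instead.
function demo_items_safe( $list_id, $sort, $dir ) {
    global $wpdb;
    $table = $wpdb->prefix . 'demo_items'; // hypothetical table

    $allowed_sort = array( 'product_id', 'added_on' );
    $sort = in_array( $sort, $allowed_sort, true ) ? $sort : 'added_on';
    $dir  = ( strtoupper( $dir ) === 'DESC' ) ? 'DESC' : 'ASC';

    $sql = $wpdb->prepare(
        "SELECT product_id FROM {$table} WHERE list_id = %d ORDER BY {$sort} {$dir}",
        $list_id
    );
    return $wpdb->get_col( $sql );
}

// LIKE searches need one more step: prepare() escapes quotes but not the
// LIKE wildcards % and _, so the term goes through $wpdb->esc_like() first
// and the wildcards are added by the code, not by the user.
function demo_search_safe( $term ) {
    global $wpdb;
    $table = $wpdb->prefix . 'demo_items'; // hypothetical table
    $like  = '%' . $wpdb->esc_like( $term ) . '%';
    return $wpdb->get_col(
        $wpdb->prepare( "SELECT product_id FROM {$table} WHERE name LIKE %s", $like )
    );
}

// AJAX wiring (assumed hook names). wp_ajax_nopriv_ exposes the handler to
// unauthenticated visitors, wp_ajax_ to any logged-in user, a subscriber
// included. Neither makes the query safe; only the handler's SQL does.
function demo_ajax_items() {
    $list_id = isset( $_GET['list_id'] ) ? $_GET['list_id'] : 0;
    $sort    = isset( $_GET['sort'] ) ? $_GET['sort'] : 'added_on';
    $dir     = isset( $_GET['dir'] ) ? $_GET['dir'] : 'ASC';
    wp_send_json( demo_items_safe( $list_id, $sort, $dir ) );
}
add_action( 'wp_ajax_demo_items', 'demo_ajax_items' );
add_action( 'wp_ajax_nopriv_demo_items', 'demo_ajax_items' );
```

The entry point decides who can reach the sink, not whether the sink is safe: a handler reachable by an unauthenticated visitor (a `wp_ajax_nopriv_` hook or a public widget, as in the NextGEN TagCloud scenario) is exploitable by anyone, while one that requires a subscriber or contributor account (WP Statistics, NextGEN's second scenario) only narrows the attacker pool. When auditing a plugin, grep for `$wpdb->query`, `get_results`, `get_var`, `get_col` and `get_row` calls whose SQL string is built with `.` or `{$...}` interpolation rather than `prepare()`, then trace each interpolated variable back to `$_GET`, `$_POST`, shortcode attributes or post meta.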