FKIE_CVE-2015-2292

Vulnerability from fkie_nvd - Published: 2015-03-17 15:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Multiple SQL injection vulnerabilities in admin/class-bulk-editor-list-table.php in the WordPress SEO by Yoast plugin before 1.5.7, 1.6.x before 1.6.4, and 1.7.x before 1.7.4 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) order_by or (2) order parameter in the wpseo_bulk-editor page to wp-admin/admin.php. NOTE: this can be leveraged using CSRF to allow remote attackers to execute arbitrary SQL commands.
References
cve@mitre.orghttp://packetstormsecurity.com/files/130811/WordPress-SEO-By-Yoast-1.7.3.3-SQL-Injection.htmlExploit
cve@mitre.orghttp://seclists.org/fulldisclosure/2015/Mar/73Exploit
cve@mitre.orghttp://www.securitytracker.com/id/1031920Exploit
cve@mitre.orghttps://wordpress.org/plugins/wordpress-seo/changelog/
cve@mitre.orghttps://wpvulndb.com/vulnerabilities/7841Exploit
cve@mitre.orghttps://www.exploit-db.com/exploits/36413/
cve@mitre.orghttps://yoast.com/wordpress-seo-security-release/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/130811/WordPress-SEO-By-Yoast-1.7.3.3-SQL-Injection.htmlExploit
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2015/Mar/73Exploit
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1031920Exploit
af854a3a-2127-422b-91ae-364da2661108https://wordpress.org/plugins/wordpress-seo/changelog/
af854a3a-2127-422b-91ae-364da2661108https://wpvulndb.com/vulnerabilities/7841Exploit
af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/36413/
af854a3a-2127-422b-91ae-364da2661108https://yoast.com/wordpress-seo-security-release/Vendor Advisory
Impacted products
Vendor Product Version
yoast wordpress_seo *
yoast wordpress_seo 1.6.0
yoast wordpress_seo 1.6.1
yoast wordpress_seo 1.6.2
yoast wordpress_seo 1.6.3
yoast wordpress_seo 1.7.1
yoast wordpress_seo 1.7.2
yoast wordpress_seo 1.7.3
yoast wordpress_seo 1.7.3.1
yoast wordpress_seo 1.7.3.2
yoast wordpress_seo 1.7.3.3
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:yoast:wordpress_seo:*:*:*:*:*:wordpress:*:*",
              "matchCriteriaId": "AFD2D356-0447-4EE8-823D-0500E8496870",
              "versionEndIncluding": "1.5.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yoast:wordpress_seo:1.6.0:*:*:*:*:wordpress:*:*",
              "matchCriteriaId": "2F19DB4E-EB9B-405E-8C7D-0A7273CEE779",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yoast:wordpress_seo:1.6.1:*:*:*:*:wordpress:*:*",
              "matchCriteriaId": "58918158-0AEF-4DDB-8B95-56739C5F99CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yoast:wordpress_seo:1.6.2:*:*:*:*:wordpress:*:*",
              "matchCriteriaId": "5FACBDE2-D9F4-4330-9D5E-0336F130D1C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yoast:wordpress_seo:1.6.3:*:*:*:*:wordpress:*:*",
              "matchCriteriaId": "597D08B2-E58E-4AC4-B1F9-660015506A7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yoast:wordpress_seo:1.7.1:*:*:*:*:wordpress:*:*",
              "matchCriteriaId": "84FDF198-8B7E-431A-802E-9EC6A23BAB96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yoast:wordpress_seo:1.7.2:*:*:*:*:wordpress:*:*",
              "matchCriteriaId": "8C4468DC-91D8-4AB8-9C13-A826E9AB50C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yoast:wordpress_seo:1.7.3:*:*:*:*:wordpress:*:*",
              "matchCriteriaId": "B87AD79A-90D0-42FB-BA9B-F0E25F44A797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yoast:wordpress_seo:1.7.3.1:*:*:*:*:wordpress:*:*",
              "matchCriteriaId": "86C6AA39-810E-4688-991F-4B17672C6FCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yoast:wordpress_seo:1.7.3.2:*:*:*:*:wordpress:*:*",
              "matchCriteriaId": "F7762119-2B03-4B0D-B19A-42C6A74DBCAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yoast:wordpress_seo:1.7.3.3:*:*:*:*:wordpress:*:*",
              "matchCriteriaId": "63AEC8FD-F526-4BB3-BE1D-37B45D7B7F2B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple SQL injection vulnerabilities in admin/class-bulk-editor-list-table.php in the WordPress SEO by Yoast plugin before 1.5.7, 1.6.x before 1.6.4, and 1.7.x before 1.7.4 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) order_by or (2) order parameter in the wpseo_bulk-editor page to wp-admin/admin.php.  NOTE: this can be leveraged using CSRF to allow remote attackers to execute arbitrary SQL commands."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades inyecci\u00f3n SQL en admin/class-bulk-editor-list-table.php en WordPress SEO por el plugin Yoast anterior a 1.5.7, 1.6.x anterior a 1.6.4, y 1.7.x anterior a 1.7.4 de WordPress permite a usuarios remotos autenticados ejecutar comandos SQL arbitrarios a trav\u00e9s de (1) order_by o (2) par\u00e1metro order en la p\u00e1gina the wpseo_bulk-editor en wp-admin/admin.php. NOTA: esto se puede aprovechar mediante CSRF que permite a atacantes remotos ejecutar comandos SQL arbitrarios."
    }
  ],
  "id": "CVE-2015-2292",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-03-17T15:59:00.063",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.com/files/130811/WordPress-SEO-By-Yoast-1.7.3.3-SQL-Injection.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://seclists.org/fulldisclosure/2015/Mar/73"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securitytracker.com/id/1031920"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://wordpress.org/plugins/wordpress-seo/changelog/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "https://wpvulndb.com/vulnerabilities/7841"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.exploit-db.com/exploits/36413/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://yoast.com/wordpress-seo-security-release/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.com/files/130811/WordPress-SEO-By-Yoast-1.7.3.3-SQL-Injection.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://seclists.org/fulldisclosure/2015/Mar/73"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securitytracker.com/id/1031920"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://wordpress.org/plugins/wordpress-seo/changelog/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "https://wpvulndb.com/vulnerabilities/7841"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/36413/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://yoast.com/wordpress-seo-security-release/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.