github - ghsa-9mj4-xv45-qwq2

ghsa-9mj4-xv45-qwq2

Vulnerability from github

Published

2022-05-24 19:04

Modified

2022-05-24 19:04

Details

The WP Statistics WordPress plugin before 13.0.8 relied on using the WordPress esc_sql() function on a field not delimited by quotes and did not first prepare the query. Additionally, the page, which should have been accessible to administrator only, was also available to any visitor, including unauthenticated ones.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-24340"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-89"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-06-07T11:15:00Z",
    "severity": "HIGH"
  },
  "details": "The WP Statistics WordPress plugin before 13.0.8 relied on using the WordPress esc_sql() function on a field not delimited by quotes and did not first prepare the query. Additionally, the page, which should have been accessible to administrator only, was also available to any visitor, including unauthenticated ones.",
  "id": "GHSA-9mj4-xv45-qwq2",
  "modified": "2022-05-24T19:04:15Z",
  "published": "2022-05-24T19:04:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-24340"
    },
    {
      "type": "WEB",
      "url": "https://wpscan.com/vulnerability/d2970cfb-0aa9-4516-9a4b-32971f41a19c"
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/blog/2021/05/over-600000-sites-impacted-by-wp-statistics-patch"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2021-24340

Vulnerability from cvelistv5

Published

2021-06-07 10:49

Modified

2024-08-03 19:28

Severity ?

Summary

WP Statistics < 13.0.8 - Unauthenticated SQL Injection

References

▼	URL	Tags
	https://wpscan.com/vulnerability/d2970cfb-0aa9-4516-9a4b-32971f41a19c	x_refsource_CONFIRM
	https://www.wordfence.com/blog/2021/05/over-600000-sites-impacted-by-wp-statistics-patch/	x_refsource_MISC

Impacted products

▼	Vendor	Product
	VeronaLabs	WP Statistics

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T19:28:23.425Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://wpscan.com/vulnerability/d2970cfb-0aa9-4516-9a4b-32971f41a19c"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.wordfence.com/blog/2021/05/over-600000-sites-impacted-by-wp-statistics-patch/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "WP Statistics",
          "vendor": "VeronaLabs",
          "versions": [
            {
              "lessThan": "13.0.8",
              "status": "affected",
              "version": "13.0.8",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Ram Gall (Wordfence)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The WP Statistics WordPress plugin before 13.0.8 relied on using the WordPress esc_sql() function on a field not delimited by quotes and did not first prepare the query. Additionally, the page, which should have been accessible to administrator only, was also available to any visitor, including unauthenticated ones."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-89",
              "description": "CWE-89 SQL Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-07T10:49:50",
        "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "shortName": "WPScan"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://wpscan.com/vulnerability/d2970cfb-0aa9-4516-9a4b-32971f41a19c"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.wordfence.com/blog/2021/05/over-600000-sites-impacted-by-wp-statistics-patch/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "WP Statistics \u003c 13.0.8 - Unauthenticated SQL Injection",
      "x_generator": "WPScan CVE Generator",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "contact@wpscan.com",
          "ID": "CVE-2021-24340",
          "STATE": "PUBLIC",
          "TITLE": "WP Statistics \u003c 13.0.8 - Unauthenticated SQL Injection"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "WP Statistics",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "13.0.8",
                            "version_value": "13.0.8"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "VeronaLabs"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Ram Gall (Wordfence)"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The WP Statistics WordPress plugin before 13.0.8 relied on using the WordPress esc_sql() function on a field not delimited by quotes and did not first prepare the query. Additionally, the page, which should have been accessible to administrator only, was also available to any visitor, including unauthenticated ones."
            }
          ]
        },
        "generator": "WPScan CVE Generator",
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-89 SQL Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wpscan.com/vulnerability/d2970cfb-0aa9-4516-9a4b-32971f41a19c",
              "refsource": "CONFIRM",
              "url": "https://wpscan.com/vulnerability/d2970cfb-0aa9-4516-9a4b-32971f41a19c"
            },
            {
              "name": "https://www.wordfence.com/blog/2021/05/over-600000-sites-impacted-by-wp-statistics-patch/",
              "refsource": "MISC",
              "url": "https://www.wordfence.com/blog/2021/05/over-600000-sites-impacted-by-wp-statistics-patch/"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
    "assignerShortName": "WPScan",
    "cveId": "CVE-2021-24340",
    "datePublished": "2021-06-07T10:49:50",
    "dateReserved": "2021-01-14T00:00:00",
    "dateUpdated": "2024-08-03T19:28:23.425Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted