wpDataTables < 3.4.2 - Blind SQL Injection via start Parameter
CVE-2021-24199

6.5MEDIUM

Key Information:

Vendor: Wordpress
Status: WPdatatables – Tables & Table Charts
Vendor: CVE Published:; 12 April 2021

What is CVE-2021-24199?

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, on the 'start' HTTP POST parameter. This allows an attacker to access all the data in the database and obtain access to the WordPress application.

Affected Version(s)

wpDataTables – Tables & Table Charts 3.4.2

References

https://wpdatatables.com/help/whats-new-changelog/

x_refsource_MISC

https://n4nj0.github.io/advisories/wordpress-plugin-wpdat...

x_refsource_MISC

https://wpscan.com/vulnerability/5c98c2d6-d002-4cff-9d6f-...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 12, 2021
Vulnerability Reserved
Jan 14, 2021

Credit

Veno Eivazian, Massimiliano Ferraresi