Support Board < 3.3.4 - Multiple Unauthenticated SQL Injections
CVE-2021-24741

9.8CRITICAL

Key Information:

Vendor
Wordpress
Status
Support Board
Vendor
CVE Published:
20 September 2021

Badges

πŸ‘Ύ Exploit Exists

Summary

The Support Board WordPress plugin before 3.3.4 does not escape multiple POST parameters (such as status_code, department, user_id, conversation_id, conversation_status_code, and recipient_id) before using them in SQL statements, leading to SQL injections which are exploitable by unauthenticated users.

Affected Version(s)

Support Board 3.3.4

References

https://medium.com/%40lijohnjefferson/multiple-sql-inject...
x_refsource_MISC
https://wpscan.com/vulnerability/ccf293ec-7607-412b-b662-...
x_refsource_MISC
https://board.support/changes
x_refsource_MISC

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • 🟑

    Public PoC available

  • πŸ‘Ύ

    Exploit known to exist

  • Vulnerability Reserved

Credit

John Jefferson Li
.