SupportCandy < 3.1.7 - Admin+ SQLi
CVE-2023-2805

7.2HIGH

Key Information:

Vendor: Wordpress
Status: Supportcandy
Vendor: CVE Published:; 19 June 2023

Summary

The SupportCandy plugin for WordPress prior to version 3.1.7 contains a flaw in the handling of the agents[] parameter within the set_add_agent_leaves AJAX function. This issue arises due to improper sanitization and escaping of the parameter before it is used in a SQL statement. As a result, high privilege users, such as administrators, can exploit this vulnerability, potentially leading to unauthorized access or manipulation of the database.

Affected Version(s)

SupportCandy 0 < 3.1.7

References

https://wpscan.com/vulnerability/bdb75c8c-87e2-4358-ad3b-...

exploitvdb-entrytechnical-description

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 19, 2023
Vulnerability Reserved
May 19, 2023

Credit

dc11

WPScan