Blind SQL Injection Vulnerability in TagDiv's Opt-In Builder Plugin
CVE-2023-3416

7.2HIGH

Key Information:

Vendor
Tagdiv
Status
Tagdiv Opt-in Builder
Vendor
CVE Published:
17 August 2024

Summary

The tagDiv Opt-In Builder plugin has a vulnerability that allows blind SQL injection through the 'subscriptionCouponId' parameter in the 'create_stripe_subscription' REST API endpoint. This weakness arises from insufficient escaping of user input and inadequate preparation of SQL queries. Authenticated attackers possessing administrator privileges can append malicious SQL commands to existing queries, which may lead to unauthorized access and extraction of sensitive information from the database. The vulnerability affects all versions up to and including 1.4.4, highlighting a significant security concern for users relying on this plugin.

Affected Version(s)

tagDiv Opt-In Builder * <= 1.4.4

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...
https://tagdiv.com/tagdiv-opt-in-builder/

CVSS V3.1

Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Truoc Phan
.