Time-Based SQL Injection Vulnerability in Google Tag Manager for WooCommerce Plugin
CVE-2024-0786

8.8HIGH

Key Information:

Vendor: Wordpress
Status: Conversios – Google Analytics 4 (ga4), Meta Pixel & More Via Google Tag Manager For WooCommerce
Vendor: CVE Published:; 28 February 2024

Summary

The Conversios plugin for Google Analytics 4, Meta Pixel, and WooCommerce is susceptible to a time-based SQL Injection vulnerability through the 'ee_syncProductCategory' function. This issue arises from inadequate escaping of user-provided parameters such as 'conditionData', 'valueData', 'productArray', 'exclude', and 'include'. Authenticated attackers with subscriber-level access or higher can exploit this vulnerability by injecting additional SQL queries into existing queries, potentially leading to the extraction of sensitive database information.

Affected Version(s)

Conversios – Google Analytics 4 (GA4), Meta Pixel & more Via Google Tag Manager For WooCommerce * <= 6.9.1

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://plugins.trac.wordpress.org/browser/enhanced-e-com...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 28, 2024
Vulnerability Reserved
Jan 22, 2024

Credit

Maksim Kosenko