Unauthenticated SQL Injection Vulnerability in WP eCommerce Plugin
CVE-2024-1514

7.5HIGH

Key Information:

Vendor: Wordpress
Status: WP Ecommerce
Vendor: CVE Published:; 28 February 2024

Summary

The WP eCommerce plugin for WordPress exhibits a serious vulnerability that allows for execution of time-based blind SQL Injection attacks through the 'cart_contents' parameter. This flaw arises from inadequate escaping of user-supplied input, alongside a lack of necessary preparation for the existing SQL queries. As a result, this vulnerability empowers unauthenticated attackers to introduce arbitrary SQL queries into the existing ones, potentially leading to the unauthorized extraction of sensitive information stored in the database.

Affected Version(s)

WP eCommerce * <= 3.15.1

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://plugins.trac.wordpress.org/browser/wp-e-commerce/...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 28, 2024
Vulnerability Reserved
Feb 14, 2024

Credit

Krzysztof Zając