A blind SQL injection vulnerability is present in Chop Slider 3, a WordPress plugin. The vulnerability is introduced in the id GET parameter supplied to get_script/index.php, and allows an attacker to execute arbitrary SQL queries in the context of the WP database user.
Recent assessments:
h00die at January 18, 2021 3:04pm UTC reported:
Blind SQLi in Chop Slider 3 by iDangero.us. The true value of this exploit is low, simply because the company stopped supporting the plugin several years before the exploit was discovered. Most users had therefore moved away from the plug-in before disclosure.
The iDangero.us Chop Slider 3 WordPress plugin prior to version 3.4 contains a blind SQL injection in the id
parameter of the get_sript/index.php
page. The injection is passed through GET
parameters, and thus must be encoded, and magic_quotes is applied at the server.
Exploitable in default config, a valid id
is not required.
<https://github.com/rapid7/metasploit-framework/pull/14576>
Assessed Attacker Value: 1
Assessed Attacker Value: 1Assessed Attacker Value: 4
packetstormsecurity.com/files/157607/WordPress-ChopSlider-3-SQL-Injection.html
packetstormsecurity.com/files/157655/WordPress-ChopSlider3-3.4-SQL-Injection.html
seclists.org/fulldisclosure/2020/May/26
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11530
github.com/idangerous/Plugins/tree/master/Chop%20Slider%203
idangero.us