Supsystic Membership SQL Injection Vulnerability

Vulnerability

A SQL injection vulnerability has been identified in the Supsystic Membership WordPress plugin, specifically in version 1.4.7. This vulnerability allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the 'search' and 'sidx' parameters. Exploitation can be done by sending crafted GET requests to the badges module, where attackers can use time-based blind or UNION-based SQL injection techniques to extract sensitive database information.

Impact

Exploitation of this vulnerability allows for arbitrary SQL query execution, which could lead to unauthorized data access or manipulation within the database.

Reproduction

To reproduce this vulnerability, send a GET request to the WordPress admin page for the Supsystic Membership badges module. Include the 'search' parameter with a payload that exploits the SQL injection vulnerability, such as a time-based blind injection or a UNION-based injection. The 'sidx' parameter can also be used to facilitate the injection.
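Detection counterpart, added here as an illustration and not part of the original advisory: a small scanner that reads web-server access-log lines and flags GET requests to the badges module whose `search` or `sidx` values carry SQL-injection indicators (UNION/SELECT, timing functions, comment sequences, quote-then-operator). The log lines, the `membership-badges` page marker and the IP addresses are constructed placeholders; the real request path of the plugin is not given on the page, so the marker is a configurable substring.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in Apache "combined" format. Not real traffic; the
# page=membership-badges marker is a placeholder for the plugin's badges module.
SAMPLE_LOG = """\
10.0.0.5 - - [16/May/2026:14:02:11 +0000] "GET /wp-admin/admin.php?page=membership-badges&search=gold&sidx=name HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
10.0.0.9 - - [16/May/2026:14:02:15 +0000] "GET /wp-admin/admin.php?page=membership-badges&search=x%27%20AND%20SLEEP(5)--%20&sidx=name HTTP/1.1" 200 5120 "-" "curl/8.4"
10.0.0.9 - - [16/May/2026:14:02:20 +0000] "GET /wp-admin/admin.php?page=membership-badges&search=gold&sidx=name%20UNION%20SELECT%201,2,3 HTTP/1.1" 200 5120 "-" "curl/8.4"
10.0.0.7 - - [16/May/2026:14:03:01 +0000] "GET /wp-admin/admin.php?page=other&search=x%27%20OR%201=1 HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
"""

# Indicators that a free-text search value or a sort-column name is being used
# to carry SQL rather than data. Deliberately coarse: tune to your own traffic.
SQLI_PATTERNS = [
    re.compile(r"\bunion\b.*\bselect\b", re.I),           # UNION-based
    re.compile(r"\b(sleep|benchmark|pg_sleep)\s*\(", re.I),  # time-based blind
    re.compile(r"(--|/\*)"),                              # comment terminators
    re.compile(r"'\s*(or|and)\b", re.I),                  # quote breakout + operator
]

# Fields we need from a combined-format line: client IP, timestamp, request target.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def parse_line(line):
    """Return the interesting fields of one access-log line, or None if unparsable."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def suspicious_params(target, module_marker="membership-badges", params=("search", "sidx")):
    """Map of parameter -> decoded value for any watched parameter that looks like SQL.
    Only requests whose query string mentions module_marker are considered."""
    parts = urlsplit(target)
    if module_marker not in parts.query:
        return {}
    qs = parse_qs(parts.query, keep_blank_values=True)  # percent-decodes values
    hits = {}
    for name in params:
        for value in qs.get(name, []):
            if any(p.search(value) for p in SQLI_PATTERNS):
                hits[name] = value
                break
    return hits


def scan_log(text, module_marker="membership-badges"):
    """Return one alert per suspicious request: who, when, and which parameters."""
    alerts = []
    for line in text.splitlines():
        rec = parse_line(line)
        if not rec or rec["method"] != "GET":
            continue
        hits = suspicious_params(rec["target"], module_marker)
        if hits:
            alerts.append({"ip": rec["ip"], "ts": rec["ts"], "params": hits})
    return alerts


if __name__ == "__main__":
    for alert in scan_log(SAMPLE_LOG):
        print(alert["ts"], alert["ip"], alert["params"])
```

The fourth sample line carries the same kind of value but targets a different page, so it is ignored; scoping the rule to the affected module keeps the alert volume manageable while the patch is rolled out.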

Remediation

Users are advised to update to the latest version of the Supsystic Membership plugin, as this vulnerability has been fixed.
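For developers maintaining similar list endpoints, the following is an added illustration (not the plugin's code, and not the vendor's fix) of the two controls that close this bug class: the free-text `search` value is bound as a parameter to a `LIKE` clause, and the `sidx` sort column, which cannot be parameterized, is checked against an allowlist before it is spliced into `ORDER BY`. The `badges` table, its columns and the sample rows are constructed for the demo, using SQLite in memory.

```python
import sqlite3

# Assumption for the demo: the only columns a badge list may be sorted on.
ALLOWED_SORT_COLUMNS = {"id", "name", "created"}


class UnsafeSortColumn(ValueError):
    """Raised when sidx names something outside the allowlist."""


def escape_like(value, esc="\\"):
    """Escape LIKE metacharacters so user text is matched literally."""
    return (value.replace(esc, esc + esc)
                 .replace("%", esc + "%")
                 .replace("_", esc + "_"))


def build_badge_query(search, sidx="id", sord="ASC"):
    """Return (sql, params). Data goes through placeholders; identifiers through an allowlist."""
    if sidx not in ALLOWED_SORT_COLUMNS:
        raise UnsafeSortColumn(sidx)
    direction = "DESC" if sord.upper() == "DESC" else "ASC"  # two fixed spellings only
    sql = (f"SELECT id, name FROM badges WHERE name LIKE ? ESCAPE '\\' "
           f"ORDER BY {sidx} {direction}")
    return sql, ("%" + escape_like(search) + "%",)


def sort_column_accepted(sidx):
    """True if sidx would be allowed into ORDER BY."""
    try:
        build_badge_query("", sidx)
        return True
    except UnsafeSortColumn:
        return False


def search_badges(conn, search, sidx="id", sord="ASC"):
    """Run the hardened query and return matching badge names in order."""
    sql, params = build_badge_query(search, sidx, sord)
    return [row[1] for row in conn.execute(sql, params)]


def demo_db():
    """Constructed in-memory table; one row deliberately contains a quote and SQL text."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE badges (id INTEGER PRIMARY KEY, name TEXT, created TEXT)")
    conn.executemany(
        "INSERT INTO badges (name, created) VALUES (?, ?)",
        [("gold", "2026-01-01"), ("silver", "2026-02-01"), ("gold' OR 1=1", "2026-03-01")],
    )
    return conn


if __name__ == "__main__":
    conn = demo_db()
    print(search_badges(conn, "gold"))             # plain search
    print(search_badges(conn, "' OR 1=1"))         # quote is just data
    print(sort_column_accepted("name UNION SELECT 1,2,3"))  # False
```

A search string containing a quote only ever matches rows whose name literally contains that text, and a `sidx` that is not a known column is rejected before any SQL is built; the `sord` direction is likewise reduced to one of two fixed spellings rather than echoed into the query.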

Added: May 16, 2026, 4:31 PM
Updated: May 16, 2026, 4:31 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 3.1
exploitability: 8.7
remediation: 0.0
relevance: 8.4
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.