WordPress Adivaha Travel Plugin Time-Based Blind SQL Injection Vulnerability

A time-based blind SQL injection vulnerability has been identified in the WordPress Adivaha Travel Plugin version 2.3. This vulnerability allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'pid' GET parameter. Exploitation occurs by sending requests to the '/mobile-app/v3/' endpoint with crafted 'pid' values that include XOR-based payloads. This could lead to the extraction of sensitive database information or cause a denial-of-service condition.

Impact

Exploitation of this vulnerability allows for unauthorized database access, where attackers can extract, modify, or disrupt database information and application availability.

Reproduction

To reproduce this vulnerability, send a request to the '/mobile-app/v3/' endpoint with a 'pid' parameter that includes a time-based blind SQL injection payload. The payload should be crafted to exploit the SQL injection vulnerability by, for example, using XOR to manipulate the SQL query execution, such as injecting a payload that causes the SQL query to sleep for a specified duration, indicating successful exploitation.