Wp Tabber Widget SQL Injection Vulnerability in WordPress

A SQL injection vulnerability has been identified in the Wp Tabber Widget plugin for WordPress, affecting all versions up to and including 4.0. The vulnerability arises from inadequate escaping of user-supplied parameters in the 'wp-tabber-widget' shortcode, coupled with a lack of proper preparation for the existing SQL query. This flaw allows authenticated attackers with Contributor-level access or higher to inject additional SQL queries into the application's database queries. Exploitation of this vulnerability could lead to unauthorized access to sensitive information stored in the database.

Impact

Exploitation of this vulnerability allows for SQL injection, where an attacker can manipulate database queries to extract sensitive information from the database.

Reproduction

To reproduce this vulnerability, an authenticated user with Contributor-level access or higher can use the 'wp-tabber-widget' shortcode. The injection can be performed by appending crafted SQL payloads into the 'leftgroup' or 'rightgroup' parameters of the shortcode, exploiting the insufficient input sanitization before the data is used in a database query.

Remediation

No known patch is available. It is recommended to uninstall the affected plugin and find a replacement.