Popup Builder Unauthenticated SQL Injection Vulnerability
Vulnerability
A SQL injection vulnerability has been identified in the Popup Builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress, affecting all versions through 2.1.3. The vulnerability arises from inadequate escaping of the 'id' parameter and insufficient preparation of the SQL query, allowing unauthenticated attackers to inject additional SQL commands. This exploitation could lead to the extraction of sensitive information from the database.
Impact
Exploitation of this vulnerability allows for SQL injection, where an attacker can manipulate SQL queries to access or modify database information. In this case, it could be used to extract sensitive data from the database.
Reproduction
The vulnerability can be reproduced by sending a request to the WordPress site with the 'id' parameter. The lack of proper input validation and query preparation will allow the injected SQL to be executed, manipulating the database query process.
Remediation
Users are advised to update the Popup Builder plugin to version 2.1.4 or later, where this vulnerability has been patched.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.