Tax Service Electronic HDM WordPress Plugin Unauthenticated SQL Execution Vulnerability

Vulnerability

A vulnerability in the Tax Service Electronic HDM WordPress plugin, affecting versions prior to 1.2.1, allows unauthenticated users to execute arbitrary SQL statements. This issue arises because the plugin's AJAX action lacks proper authorization and Cross-Site Request Forgery (CSRF) protections.
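
The pattern behind this class of defect, and its corrected form, as an added illustration in WordPress plugin PHP. This is not code from the Tax Service Electronic HDM plugin; the action name `hdm_import_sql`, the handler functions, the nonce action, the upload field names and the `hdm_invoices` table are all hypothetical.

```php
<?php
/*
 * Added illustration only; not the plugin's own code.
 * All action, function, field and table names below are hypothetical.
 */

// VULNERABLE PATTERN (the class of defect the advisory describes):
//  - registered with wp_ajax_nopriv_, so it is reachable without logging in;
//  - no nonce check, so cross-site requests are accepted (CSRF);
//  - no capability check, so any caller is treated as authorised;
//  - executes whatever SQL text was uploaded, as the site's database user.
add_action( 'wp_ajax_nopriv_hdm_import_sql', 'hdm_import_sql_vulnerable' );
add_action( 'wp_ajax_hdm_import_sql', 'hdm_import_sql_vulnerable' );
function hdm_import_sql_vulnerable() {
    global $wpdb;
    $sql = file_get_contents( $_FILES['sql_file']['tmp_name'] );
    $wpdb->query( $sql ); // arbitrary caller-supplied statements run here
    wp_send_json_success();
}

// HARDENED PATTERN:
//  1. only wp_ajax_ (authenticated) registration, no wp_ajax_nopriv_ hook;
//  2. check_ajax_referer() rejects requests lacking a valid nonce (CSRF);
//  3. current_user_can() enforces an administrator-level capability;
//  4. the handler never runs caller-supplied SQL: the upload is parsed as
//     data and written through $wpdb->insert() with explicit formats.
add_action( 'wp_ajax_hdm_import_sql', 'hdm_import_sql_hardened' );
function hdm_import_sql_hardened() {
    global $wpdb;

    // Nonce created server-side with wp_create_nonce( 'hdm_import_sql' ) and
    // sent by the admin page in the 'nonce' request field; dies with 403 otherwise.
    check_ajax_referer( 'hdm_import_sql', 'nonce' );

    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    if ( empty( $_FILES['data_file']['tmp_name'] )
        || ! is_uploaded_file( $_FILES['data_file']['tmp_name'] ) ) {
        wp_send_json_error( 'no file uploaded', 400 );
    }

    // Treat the upload as structured data (JSON array of records), never as SQL.
    $rows = json_decode( file_get_contents( $_FILES['data_file']['tmp_name'] ), true );
    if ( ! is_array( $rows ) ) {
        wp_send_json_error( 'malformed upload', 400 );
    }

    $table    = $wpdb->prefix . 'hdm_invoices'; // hypothetical plugin table
    $inserted = 0;
    foreach ( $rows as $row ) {
        if ( ! isset( $row['number'], $row['amount'] ) ) {
            continue; // skip records missing required fields
        }
        // $wpdb->insert() builds a prepared statement from the format specifiers,
        // so record contents can never change the statement's structure.
        $ok = $wpdb->insert(
            $table,
            array(
                'number' => sanitize_text_field( $row['number'] ),
                'amount' => (float) $row['amount'],
            ),
            array( '%s', '%f' )
        );
        if ( false !== $ok ) {
            $inserted++;
        }
    }

    wp_send_json_success( array( 'inserted' => $inserted ) );
}
```

When reviewing a plugin for this defect, the quickest check is to list every `wp_ajax_nopriv_` registration and confirm that each handler either needs no privilege by design or is protected by both a nonce check and a capability check before it touches `$wpdb`; any handler that passes request-controlled text straight into `$wpdb->query()` is the finding regardless of those checks.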

Impact

Exploitation of this vulnerability could lead to unauthorized execution of SQL commands, potentially allowing attackers to manipulate the database, such as creating new user accounts with administrative privileges.

Reproduction

To reproduce this vulnerability, upload a crafted SQL file containing malicious SQL commands, such as those that create a new user with administrative rights, using an AJAX request to 'admin-ajax.php' without authentication. The absence of authorization checks will allow the SQL commands to be executed on the WordPress database.

Remediation

Users are advised to update the Tax Service Electronic HDM WordPress plugin to version 1.2.1 or later.

Added: Nov 26, 2025, 6:19 AM
Updated: Nov 26, 2025, 6:19 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 8.7
remediation: 7.7
relevance: 1.2
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.