WordPress Poll Maker SQL Injection Vulnerability for Authenticated Administrators

A SQL injection vulnerability has been identified in the Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress. This vulnerability exists in all versions up to and including 6.0.7. It allows authenticated attackers with Administrator-level access to inject additional SQL queries through the 'filterbyauthor' parameter. The vulnerability arises from inadequate escaping of user-supplied data and insufficient preparation of the SQL query, potentially enabling the extraction of sensitive information from the database.

Impact

Exploitation of this vulnerability allows for SQL injection, where an attacker can manipulate SQL queries to access or modify database information. In this case, it could lead to unauthorized data exposure.

Reproduction

To reproduce this vulnerability, an authenticated user with Administrator privileges can send a request to the WordPress site with the 'filterbyauthor' parameter. The lack of proper input sanitization allows for the injection of malicious SQL code, which could be executed by the database server.

Remediation

Users are advised to update the Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin to version 6.0.8 or later, where this vulnerability has been patched.