Popup Builder WordPress Plugin SQL Injection Vulnerability
Vulnerability
A SQL injection vulnerability has been identified in the Popup Builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress. This vulnerability exists in all versions through 2.2.0 and allows unauthenticated attackers to manipulate SQL queries via multiple REST API endpoints. The issue arises from inadequate escaping of user-supplied parameters and insufficient preparation of existing SQL queries, enabling attackers to append additional SQL commands that could extract sensitive information from the database.
Impact
Exploitation of this vulnerability allows for unauthorized SQL injection, where attackers can manipulate database queries to extract confidential data.
Reproduction
The vulnerability can be reproduced by sending a request to one of the affected REST API endpoints with a crafted SQL injection payload. The lack of proper input sanitization allows the injected SQL to be executed, potentially leading to unauthorized data access.
Remediation
Users are advised to update the Popup Builder WordPress plugin to version 2.2.1 or later.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.