WPNakama WordPress Plugin Time-Based SQL Injection Vulnerability

A time-based SQL injection vulnerability has been identified in the WPNakama plugin for WordPress, affecting all versions through 0.6.3. The vulnerability arises from inadequate escaping of user-supplied input in the 'order_by' parameter, allowing unauthenticated attackers to inject additional SQL queries. This exploitation could lead to the extraction of sensitive information from the database.

Impact

Exploitation of this vulnerability allows for time-based SQL injection, where an attacker can manipulate SQL queries to extract data from the database. This could include accessing sensitive information stored within the WordPress database, such as user data or plugin-specific information.

Reproduction

To reproduce this vulnerability, send a request to the WordPress site with the WPNakama plugin active. Include the 'order_by' parameter in the request. The absence of proper input validation and escaping allows for the injection of malicious SQL that could be executed by the database.

Remediation

Users are advised to update the WPNakama plugin to version 0.6.4 or later, where this vulnerability has been patched.