WordPress Community Events Plugin SQL Injection Vulnerability
Vulnerability
A SQL injection vulnerability has been identified in the Community Events plugin for WordPress, affecting all versions through 1.5.8. The issue arises in the 'on_save_changes_venues' function, where insufficient data escaping allows authenticated attackers with Administrator-level access to inject additional SQL queries. This exploitation can lead to unauthorized data extraction from the database via a manipulated CSV file upload.
Impact
Exploitation of this vulnerability allows for SQL injection, where an attacker can interfere with the database queries made by the application. This could lead to unauthorized data access, data manipulation, or in some cases, executing administrative operations on the database.
Reproduction
To reproduce this vulnerability, upload a CSV file containing crafted data into the 'ce_venue_name' field while using a version of the Community Events plugin prior to 1.5.9. Ensure that the user has Administrator-level access.
Remediation
Users are advised to update the Community Events plugin to version 1.5.9 or later.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.