MailArchiver WordPress Plugin SQL Injection Vulnerability in Event Logging Feature
Vulnerability
A SQL injection vulnerability has been identified in the MailArchiver plugin for WordPress, affecting all versions through 4.5.0. The issue arises from inadequate escaping of user-supplied data in the 'logid' parameter, allowing authenticated attackers with Administrator-level access to manipulate SQL queries. Exploitation of this vulnerability could lead to unauthorized access to sensitive database information.
Impact
Exploitation allows authenticated users with Administrator privileges to inject and execute additional SQL commands, potentially leading to unauthorized data access or manipulation.
Reproduction
To reproduce this vulnerability, an authenticated user with Administrator privileges can send a request to the WordPress admin interface, including a crafted 'logid' parameter. The injected SQL payload must be designed to exploit the insufficient escaping and query preparation, appending malicious SQL that could, for example, extract sensitive information from the database.
Remediation
Users are advised to update the MailArchiver plugin to version 4.5.1 or a newer patched version.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.