SQL Injection Vulnerability Discovered in WordPress Plugin

Updated on: March 29, 2020

WordPress, the juggernaut CMS powering more than 1 billion websites (Techcrunch, The New Yorker, Sony, and MTV among many others), is not free of vulnerabilities when it comes to website security. Recently, one of its most popular plugins, WP Statistics, was found to be flawed, leaving nearly 300,000 websites open to exploitation by attackers online.

The WP Statistics plugin has recently been found vulnerable to a SQL Injection flaw. By exploiting it, a remote attacker with nothing more than a subscriber account can steal sensitive information from the website’s database and possibly gain unauthorized access to the website. The vulnerability has been rated ‘severe’.

Technical Details

SQL Injection is a web application vulnerability in which an attacker injects Structured Query Language (SQL) code through user inputs in order to read or steal database contents. The vulnerability resides in multiple functions of the WP Statistics plugin, including wp_statistics_searchengine_query().

By simply calling the shortcode shown below, admin users can obtain detailed information about the number of visits. Because some attributes of the shortcode are passed as parameters to important functions, the inputs to these functions must be sanitized. Instead, the function wp_statistics_searchengine_query() is also reachable through WordPress’ AJAX functionality, via the core function wp_ajax_parse_media_shortcode(), which is how an account as low-privileged as a subscriber can reach it.

The issue stems from the plugin’s failure to sanitize this data properly before it is inserted into the queries it builds. WordPress allows developers to create content that is injected into pages using a shortcode. This becomes a problem with the following WP Statistics shortcode:

[shortcode atts_1="test" atts_2="test"]
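The pattern described above, as an added illustration written for this post rather than the WP Statistics plugin's own code: a shortcode attribute that is concatenated straight into a SQL string, beside a hardened handler that allow-lists the value, binds it with $wpdb->prepare(), and checks the caller's capability inside the handler (since the AJAX path means the shortcode is not only rendered for administrators). The function, shortcode and table names (example_visits, secure_visits_query, and so on) are hypothetical.

```php
<?php
// Added example, not the plugin's code. Names are hypothetical; the pattern is
// what matters for code review and remediation.

// --- Vulnerable pattern: attribute value concatenated into the SQL string ----
// This is the shape to look for in review: user-controlled input reaches the
// query text without prepare(), so the value is interpreted as SQL, not data.
function insecure_visits_query( $search_engine ) {
    global $wpdb;
    $sql = "SELECT COUNT(*) FROM {$wpdb->prefix}example_visits WHERE engine = '" . $search_engine . "'";
    return $wpdb->get_var( $sql );
}

// --- Hardened pattern ---------------------------------------------------------
// Allow-list: the only values the handler will ever pass on to the database.
const EXAMPLE_ALLOWED_ENGINES = array( 'google', 'bing', 'duckduckgo', 'all' );

function secure_visits_query( $search_engine ) {
    global $wpdb;

    // sanitize_text_field() strips tags/whitespace but is NOT a SQL escape;
    // it is the allow-list and prepare() below that make the query safe.
    $search_engine = sanitize_text_field( (string) $search_engine );

    if ( ! in_array( $search_engine, EXAMPLE_ALLOWED_ENGINES, true ) ) {
        return 0; // unknown value: refuse rather than build a query from it
    }

    if ( 'all' === $search_engine ) {
        return (int) $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->prefix}example_visits" );
    }

    // %s placeholder: prepare() quotes and escapes the value for MySQL, so the
    // attribute can never change the structure of the statement.
    $sql = $wpdb->prepare(
        "SELECT COUNT(*) FROM {$wpdb->prefix}example_visits WHERE engine = %s",
        $search_engine
    );
    return (int) $wpdb->get_var( $sql );
}

// Shortcode handler. Authorisation lives inside the handler because any code
// path that renders shortcodes for a logged-in user (including core AJAX
// endpoints) will reach it; "only admins put this in a post" is not a control.
function example_visits_shortcode( $atts ) {
    if ( ! current_user_can( 'manage_options' ) ) {
        return '';
    }
    $atts = shortcode_atts( array( 'engine' => 'all' ), $atts, 'example_visits' );
    return esc_html( (string) secure_visits_query( $atts['engine'] ) );
}
add_shortcode( 'example_visits', 'example_visits_shortcode' );
```

Two points a reviewer would check against any shortcode handler: every attribute that reaches $wpdb goes through prepare() (or an allow-list where it selects a table or column name, which placeholders cannot bind), and the capability check sits in the handler itself rather than being assumed from where the shortcode is normally used.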

Update immediately

Plugins provide a host of functionality to WordPress-based websites. Such vulnerabilities are emblematic of a greater issue: the push to release fast and bring features to market first often leads to trading off the security of the application. WordPress security is a grave issue today.

The only fix is to update to the latest version immediately. To secure your WordPress website and audit it for potential threats, visit Astra WordPress Security.

Bhagyeshwari Chauhan

An engineering grad and a technical writer, Bhagyeshwari blogs about web security, futuristic tech and space science.
