CVE-2024-4443 Scanner
CVE-2024-4443 scanner - SQL Injection vulnerability in Business Directory Plugin for WordPress
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 second
Time Interval
4 week
Scan only one
Domain, Ipv4
Toolbox
-
The Business Directory Plugin for WordPress is widely used by website administrators to create and manage business listings. It is commonly used by small to medium-sized businesses to showcase their services online. The plugin allows users to easily add, edit, and organize business information on their websites. It is popular for its ease of use and extensive customization options. Many businesses rely on it to maintain an up-to-date directory of their services and contact information.
The Business Directory Plugin for WordPress is vulnerable to a SQL Injection attack via the 'listingfields' parameter. This vulnerability allows an unauthenticated attacker to inject arbitrary SQL queries into the database. Exploiting this issue could lead to the extraction of sensitive information from the database. The vulnerability exists in all versions up to and including 6.4.2.
The SQL Injection vulnerability in the Business Directory Plugin is due to insufficient escaping of user-supplied input in the 'listingfields' parameter. Specifically, the parameter is not properly sanitized before being included in an SQL query. This allows attackers to manipulate the SQL query by injecting additional SQL code. The vulnerability is located in the search functionality of the plugin, where user input is directly included in the query without proper validation. The vulnerable endpoint is '/business-directory/?dosrch=1&q=&wpbdp_view=search'.
Exploitation of this vulnerability could have severe consequences. Attackers could gain unauthorized access to the database, leading to the exposure of sensitive information such as user credentials, business details, and other confidential data. Additionally, the attackers could modify or delete database entries, disrupt website operations, and potentially execute further attacks on the server. The overall integrity and availability of the business directory could be compromised.
By becoming a member of the S4E platform, you gain access to a comprehensive suite of security scanning tools designed to protect your digital assets. Our platform provides timely alerts and detailed reports on vulnerabilities, enabling you to take immediate action. With our proactive monitoring and expert recommendations, you can ensure the security and integrity of your website. Join S4E today and stay ahead of potential threats, safeguarding your business and your customers.
References:
- https://plugins.trac.wordpress.org/browser/business-directory-plugin/trunk/includes/fields/class-fieldtypes-select.php#L110
- https://plugins.trac.wordpress.org/changeset/3089626/
- https://www.wordfence.com/threat-intel/vulnerabilities/id/982fb304-08d6-4195-97a3-f18e94295492?source=cve
- https://nvd.nist.gov/vuln/detail/CVE-2024-4443