WordPress adivaha Travel Plugin SQL Injection Scanner

The WordPress adivaha Travel Plugin is a widely-used plugin in the travel and tourism industry, facilitating online travel booking systems. It is employed by various travel agencies and hotels to manage their booking processes more efficiently. This plugin integrates with WordPress websites and is designed to enhance booking features while offering seamless connectivity with external travel databases. Users of this plugin benefit from streamlined processes and intuitive interfaces for travel product management. It is particularly popular among businesses looking for a flexible and comprehensive travel booking solution. The plugin helps reduce booking times and enhances the user experience for both administrators and end customers.

The SQL Injection vulnerability in the adivaha Travel Plugin allows unauthorized users to manipulate the SQL queries executed by the database. Such vulnerabilities occur when an application fails to properly sanitize input, leaving it open to manipulation by malicious actors. By exploiting this vulnerability, attackers can potentially gain unauthorized access to sensitive data stored in the database. The vulnerability is characterized by its capacity to retrieve or manipulate large volumes of data through crafted inputs. It poses a significant security risk as it could lead to the exposure of confidential travel booking details and user information. Essentially, it undermines the security architecture of the affected WordPress installations.

Technical analysis of the vulnerability reveals that it is located in the endpoint /mobile-app/v3/?pid. The parameter pid is susceptible to SQL Injection, which can be exploited through time-based techniques. This involves inputting synthetic queries designed to delay responses, indicating vulnerability when the delay condition is met. In this particular case, attackers can cause a controlled delay using the SLEEP function within the SQL query. This delay acts as a timing channel to extract information from the database through a series of systematically crafted requests. Additionally, the exploitation does not require authentication, making it easily exploitable by remote attackers.

When exploited, this SQL Injection vulnerability can have severe repercussions on both the application and its users. The potential effects include unauthorized access to confidential information, manipulation or deletion of data, and compromise of database integrity. These can lead to significant financial losses, legal issues, and damage to brand reputation. Malicious actors can exfiltrate sensitive data such as client details, booking information, and possibly financial data. In severe cases, attackers may leverage the vulnerability to escalate privileges and take control of the web server hosting the WordPress site.

REFERENCES

• https://wordpress.org/plugins/adiaha-hotel/