CVE-2022-25148 Scanner
Detects 'SQL Injection' vulnerability in WordPress Plugin WP Statistics affects v. <= 13.1.5
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 second
Time Interval
4 week
Scan only one
Domain, Ipv4
Toolbox
-
WP Statistics is a widely used WordPress plugin that offers comprehensive analytics and statistics about website visitors. Developed by VeronaLabs, it provides WordPress site owners with insights into their traffic, visitor origins, which pages are being viewed, and the overall performance of the site. The plugin is designed for website administrators who aim to optimize their content and user experience based on data-driven insights. It is particularly popular among bloggers, small to medium-sized businesses, and digital marketers who rely on website analytics to make informed decisions. WP Statistics is appreciated for its ease of use, detailed reporting, and the ability to respect user privacy by not using external services to track and analyze site data.
The WP Statistics plugin before version 13.1.6 is vulnerable to an unauthenticated SQL Injection attack. This vulnerability arises from insufficient input validation and sanitization of the current_page_id parameter within the plugin's code. Attackers can exploit this flaw to inject and execute arbitrary SQL commands, which can lead to unauthorized access to the website's database. This can result in the exposure of sensitive information, alteration of website data, or even complete site takeover.
The vulnerability is specifically located in the ~/includes/class-wp-statistics-hits.php file of the WP Statistics plugin. By manipulating the current_page_id parameter in requests made to the plugin, attackers can execute SQL commands without authentication. The lack of proper input escaping and parameterization allows the injection of malicious SQL queries. This can be exploited to access sensitive database information, manipulate database entries, or perform other unauthorized database operations, putting the integrity and confidentiality of the site at risk.
Exploiting this SQL Injection vulnerability could have severe consequences, including unauthorized disclosure of confidential data, modification or deletion of data, and disruption of website operations. It could lead to the compromise of user accounts, exposure of personal information, and potentially give attackers the ability to control or damage the website. The breach of data privacy and security can also result in reputational damage and legal consequences for the site owner.
S4E's advanced scanning technology can help identify and mitigate vulnerabilities like the SQL Injection in the WP Statistics plugin, ensuring your website remains secure and compliant. By becoming a member, you gain access to our comprehensive vulnerability scanning services, which can detect a wide range of security issues. Our platform provides detailed reports, remediation guidance, and continuous monitoring, helping you to maintain a robust security posture against evolving threats. Joining S4E empowers you to protect your digital assets, build trust with your users, and avoid potential security breaches.
References
- https://wordpress.org/plugins/wp-statistics/
- https://gist.github.com/Xib3rR4dAr/5dbd58b7f57a5037fe461fba8e696042
- https://nvd.nist.gov/vuln/detail/CVE-2022-25148
- http://packetstormsecurity.com/files/174482/WordPress-WP-Statistics-13.1.5-SQL-Injection.html
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2679983%40wp-statistics&new=2679983%40wp-statistics&sfp_email=&sfph_mail=