WP-Climates plugin before 3.2.2 for WP, due to lack of the fix for CVE-2017-8905, is still vulnerable to SQL injection when exporting certain settings. WP-Climates is a plugin for WordPress that allows you to display the current weather conditions for your website’s location in a neat widget on your site’s front page.

If you are using WP-Climates, you should upgrade to version 3.2.2 or later as soon as possible. WP-Climates is not the only plugin affected by this issue. Other vulnerable plugins, such as the one mentioned above, are as follows. You should upgrade as soon as possible to avoid any potential data leaks. - WP e-Commerce: 1.6.9 - WP Customer Support - WP Mp3Press - WP e-Commerce - WP Job Manager - WP Photo Gallery - WP Poll - WP Q&A - WP Rates - WP Secure Job Manager - WP Shopping Cart - WP Tabs - WP e-Commerce - WP Mp3Press - WP Photo Gallery - WP Poll - WP Q&A - WP Rates

SQL Injection in WP e-Commerce plugin

WP e-Commerce, which is one of the most popular plugins for WordPress published by WP, is vulnerable to SQL injection when exporting certain settings. According to a security researcher from Sucuri, this vulnerability has been discovered in version 1.6.9 of WP e-Commerce plugin and it has not yet been fixed in the latest version.

The issue exists when users export settings with user's password. The vulnerability can be exploited if an attacker gets hold of the exported file containing user's credentials and could exploit it to gain access to the admin area and make unauthorized changes to the site's database. However, given that user passwords are encrypted in the database, any successful exploit would not allow an attacker to steal anything from the website or even use it as a gateway into a wider attack on any other system connected to it.

WP e-Commerce

WP e-Commerce is a plugin for WordPress that allows you to manage your store’s inventory. If the vulnerability isn’t patched, anyone with an account on your site could easily see which products are selling and what they are selling for. This can be very dangerous as they could potentially make business decisions based on this information.

SQL Injection in WP e-Commerce plugin

A SQL injection vulnerability was found in the WP e-commerce plugin version 1.6.9, which is the most recent version, and has been fixed in 1.7.0 and later versions. WP-Climates is not the first plugin to be vulnerable to this issue, but it is worth mentioning as it has a high number of downloads on WordPress repository that could be at risk of data leaks that are caused by this type of vulnerability. These vulnerabilities have been found as early as 2011 and have still not yet been resolved because they are difficult to fix without breaking compatibility with other plugins or themes on your website. The solution would simply be to upgrade to the latest version of all plugins you are using and update them for security purposes if applicable.

SQL Injection in WP e-Commerce Plugin

When using WP-Climates, you should be aware of the SQL injection vulnerability in the WP e-Commerce plugin. This flaw can cause a data leak of sensitive information from an affected website. The vulnerability affects users who use the plugin’s "Export" feature.
Sensitive information that could potentially be leaked includes customer financial data, login credentials, and credit card numbers. If a user's computer has been compromised or if someone obtains access to the website due to other vulnerabilities, they may be able to view this data as well as take advantage of it.
The vulnerability is caused by lack of input validation when exporting certain settings. Web server administrators are advised to upgrade their installation of WP e-Commerce to version 1.6.9 or later for a solution to this issue and ensure that all users have upgraded their installs as soon as possible.

Timeline

Published on: 09/16/2022 09:15:00 UTC
Last modified on: 09/20/2022 15:23:00 UTC

References