WordPress WPDB SQL Injection

OWASP 2013-A1 OWASP 2017-A1 OWASP 2021-A3 PCI v3.2-6.5.1 OWASP PC-C3 CAPEC-66 CWE-89 WASC-19

This attack is applicable to WordPress WPDB in your server. SQL Injection is a kind of method used by hackers to access, modify and delete the data from the database. By leveraging SQL Injection hackers will also be able to bypass authentication and access unauthorized data from databases. In some cases, it can even be used to execute commands on the operating system, potentially allowing an attacker to escalate to more damaging attacks inside the network where the application is hosted. Based on different strategies used by the hackers for injecting the SQL commands there are different categories like In-Band SQL Injection, Inferential SQL Injection and Out of band SQL injection. Boolean based SQL injection is a kind of Inferential SQL Injection.

Many servers on the internet are using a vulnerable version of WordPress. This vulnerability might lead to critical vulnerability argument WPDB prepare function with an unknown input attack. This bug will be vulnerable to a SQL injection vulnerability. It can alter query logic to bypass security checks, or to insert additional statements that modify the back-end database.The $wpdb->prepare() function is used to create unexpected and unsafe queries. Using this method might lead to potential SQL injection (SQLi). The WordPress core is not directly vulnerable to SQL injection issue, but WordPress has added features to harden the security of the application by monitoring and preventing any installed plugins and/or themes from causing accidental triggering of this vulnerability. The WordPress before the version 4.8.2 mishandled the percentage (%) character and other additional placeholder values in the $wpdb->prepare. But, WordPress did not properly address the possibility of an SQL attack from plugins and themes.

Impact and Fixes

Latest Articles