CVE-2021-24200

wpDataTables < 3.4.2 - Blind SQL Injection via length Parameter

Description

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, on the 'length' HTTP POST parameter. This allows an attacker to access all the data in the database and obtain access to the WordPress application.

References

Link	Tags
https://wpdatatables.com/help/whats-new-changelog/	release notes vendor advisory
https://n4nj0.github.io/advisories/wordpress-plugin-wpdatatables-ii/	third party advisory
https://wpscan.com/vulnerability/21aa7e18-0162-45bf-a5c6-ceee64ffa1f9	third party advisory

Frequently Asked Questions

What is the severity of CVE-2021-24200?: CVE-2021-24200 has been scored as a medium severity vulnerability.
How to fix CVE-2021-24200?: To fix CVE-2021-24200, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2021-24200 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2021-24200 is being actively exploited. According to its EPSS score, there is a ~1% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-24200?: CVE-2021-24200 affects wpDataTables wpDataTables – Tables & Table Charts.

Description

Category

CWE-89 – Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

References

Frequently Asked Questions