CVE-2021-24555

Diary & Availability Calendar <= 1.0.3 - Authenticated (subscriber+) SQL Injection

EPSS 0.8%CWE-352 CWE-89

Vexday Risk Score

3Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS —EPSS 0.8%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

23 ago 2021Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

The daac_delete_booking_callback function, hooked to the daac_delete_booking AJAX action, takes the id POST parameter which is passed into the SQL statement without proper sanitisation, validation or escaping, leading to a SQL Injection issue. Furthermore, the ajax action is lacking any CSRF and capability check, making it available to any authenticated user.

Productos afectados

Unknown · Diary & Availability Calendar

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://codevigilant.com/disclosure/2021/wp-plugin-diary-availability-calendar/https://wpscan.com/vulnerability/8eafd84b-6214-450b-869b-0afe7cca4c5f