CVE-2021-24200

EUVD-2021-11114
The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, on the 'length' HTTP POST parameter. This allows an attacker to access all the data in the database and obtain access to the WordPress application.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 75%
Affected Products (NVD)
VendorProductVersion
tms-outsourcewpdatatables
𝑥
< 3.4.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://n4nj0.github.io/advisories/wordpress-plugin-wpdatatables-ii/
https://wpdatatables.com/help/whats-new-changelog/
https://wpscan.com/vulnerability/21aa7e18-0162-45bf-a5c6-ceee64ffa1f9
https://n4nj0.github.io/advisories/wordpress-plugin-wpdatatables-ii/
https://wpdatatables.com/help/whats-new-changelog/
https://wpscan.com/vulnerability/21aa7e18-0162-45bf-a5c6-ceee64ffa1f9