CVE-2015-9310
Description
The all-in-one-wp-security-and-firewall plugin before 3.9.1 for WordPress has multiple SQL injection issues.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Multiple SQL injection vulnerabilities in the All-in-One WP Security & Firewall plugin before 3.9.1 allow unauthenticated attackers to execute arbitrary SQL queries.
Vulnerability
The All-in-One WP Security & Firewall plugin for WordPress versions before 3.9.1 contains multiple SQL injection vulnerabilities [1]. The issues exist in various plugin components that fail to properly sanitize user-supplied input before using it in SQL queries. The plugin is widely used for login security, firewall, and file scanning features.
Exploitation
An attacker can exploit these vulnerabilities without authentication by sending crafted HTTP requests to the WordPress site. The attacker does not need any special privileges or user interaction. The SQL injection can be triggered through multiple parameters in the plugin's functionality.
Impact
Successful exploitation allows an attacker to execute arbitrary SQL commands against the WordPress database. This can lead to extraction of sensitive data such as user credentials, session tokens, and other stored information. The attacker may also be able to modify or delete database content, potentially leading to full site compromise.
Mitigation
The vulnerability is fixed in version 3.9.1 of the plugin [1]. Users should update to the latest version (currently 5.4.7) to ensure protection. No workarounds are documented. The plugin is actively maintained and updated.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- WordPress/all-in-one-wp-security-and-firewall (description)
- Range: <3.9.1
Patches
No patches discovered yet.
References
- [1] wordpress.org/plugins/all-in-one-wp-security-and-firewall/ (mitre, x_refsource_MISC)