VYPR
Unrated severity · NVD Advisory · Published Jun 16, 2026

WordPress wpDataTables plugin <= 7.3.6 - SQL Injection vulnerability

CVE-2026-49080

Description

Unauthenticated SQL injection in wpDataTables plugin for WordPress up to version 7.3.6 allows attackers to interact with the database.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

The wpDataTables plugin for WordPress (versions up to and including 7.3.6) contains an unauthenticated SQL injection vulnerability. The exact vulnerable parameter or endpoint is not detailed in the available references, but the vulnerability is present in all versions <= 7.3.6 [2]. The plugin is used to create dynamic tables and charts from various data sources [1].

Exploitation

An attacker can exploit this vulnerability without any authentication. No special network position is required beyond being able to send HTTP requests to the WordPress site. The attack vector is likely through a crafted request to a vulnerable endpoint that does not properly sanitize user input before using it in a SQL query [2]. The vulnerability is considered highly dangerous and expected to be used in mass-exploit campaigns [2].

Impact

Successful exploitation allows a malicious actor to directly interact with the database, potentially leading to information disclosure, data manipulation, or further compromise of the WordPress installation [2]. The CVSS score is 9.3, indicating critical severity [2].

Mitigation

The vulnerability is fixed in version 7.4 of the plugin. Users are advised to update to version 7.4 or later immediately [2]. If unable to update, Patchstack offers a mitigation rule to block attacks until the update is applied [2]. No other workarounds are mentioned in the references.
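
A version check for the update advice above, as an added example that is not from the advisory or the plugin's own code: it reads the `Version:` header that WordPress expects in a plugin's main PHP file and compares it numerically against 7.4. The sample header is constructed, and treating every release below 7.4 as affected is an assumption (the advisory only names versions up to 7.3.6).

```python
import re

# From the advisory: versions <= 7.3.6 are affected, 7.4 carries the fix.
FIXED_VERSION = "7.4"

# WordPress reads plugin metadata from a comment header in the main plugin
# file; a header line may be prefixed by comment characters such as " * ".
_VERSION_HEADER = re.compile(
    r"^[ \t/*#@]*Version:[ \t]*(\S+)", re.IGNORECASE | re.MULTILINE
)

# Constructed sample header, not copied from the real plugin file.
SAMPLE_HEADER = """<?php
/*
 * Plugin Name: wpDataTables
 * Version: 7.3.6
 */
"""


def parse_plugin_version(header_text):
    """Return the Version header value from plugin file text, or None."""
    match = _VERSION_HEADER.search(header_text)
    return match.group(1) if match else None


def version_key(version):
    """Turn '7.3.6' into (7, 3, 6) so 7.10 sorts above 7.4 (a string compare would not)."""
    parts = []
    for piece in version.split("."):
        digits = re.match(r"\d+", piece)
        parts.append(int(digits.group()) if digits else 0)
    # Drop trailing zeros so '7.4' and '7.4.0' compare equal.
    while parts and parts[-1] == 0:
        parts.pop()
    return tuple(parts)


def assess(header_text):
    """Classify an install as 'affected', 'fixed' or 'unknown' (no version header)."""
    version = parse_plugin_version(header_text)
    if version is None:
        return "unknown"
    # Assumption: anything below the fixed release is treated as affected.
    return "affected" if version_key(version) < version_key(FIXED_VERSION) else "fixed"


if __name__ == "__main__":
    print(parse_plugin_version(SAMPLE_HEADER), assess(SAMPLE_HEADER))
```

An "unknown" result means the header could not be read and the install should be checked by hand rather than assumed safe.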

AI Insight generated on Jun 17, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Patches

No patches discovered yet.

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
