PT-2021-16178 · WordPress · Podlove Podcast Publisher

Dc11

Published

2021-09-27

Updated

2021-10-05

CVE-2021-24666

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Podlove Podcast Publisher WordPress plugin versions prior to 3.5.6

Description The issue concerns the 'Social & Donations' module in the Podlove Podcast Publisher WordPress plugin, which is not activated by default. This module adds a rest route "/services/contributor/(?P[d]+)" that takes id and category parameters as arguments. Both the id and category parameters can be exploited for SQL injection.

Recommendations For versions prior to 3.5.6, update to version 3.5.6 or later to resolve the issue. As a temporary workaround, consider disabling the 'Social & Donations' module until a patch is available. Restrict access to the "/services/contributor/(?P[d]+)" endpoint to minimize the risk of exploitation. Avoid using the id and category parameters in the affected API endpoint until the issue is resolved.

Exploit

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2021-24666

Affected Products

Podlove Podcast Publisher

PT-2021-16178 · WordPress · Podlove Podcast Publisher

CVE-2021-24666

Weakness Enumeration

Related Identifiers

Affected Products

References · 5