Platform: wordpress
Component: wpdatatables
Fixed in: 6.3.2
CVE-2024-3820 represents a critical SQL Injection vulnerability affecting the wpDataTables plugin for WordPress. This flaw allows unauthenticated attackers to inject malicious SQL queries, potentially leading to unauthorized data extraction. The vulnerability impacts versions of the premium wpDataTables plugin up to and including 6.3.1. Immediate action is required to mitigate this risk.
The SQL Injection vulnerability in wpDataTables allows attackers to manipulate database queries directly. An attacker could leverage this to extract sensitive information such as user credentials, customer data, financial records, or any other data stored within the WordPress database. Successful exploitation could lead to complete compromise of the WordPress site and its associated data. The lack of authentication requirements means that any user, even without a WordPress account, could potentially exploit this vulnerability. This is particularly concerning given the plugin's popularity and the sensitive data often managed through WordPress sites.
CVE-2024-3820 was publicly disclosed on June 1, 2024. The vulnerability is considered highly exploitable because no authentication is required and SQL can be injected through a single request parameter. No public proof-of-concept exploit had been widely reported at the time of writing, but the critical severity and low barrier to exploitation suggest a high probability that it will be targeted. Monitor security advisories and threat intelligence feeds for any signs of active exploitation campaigns.
Websites using the premium version of the wpDataTables plugin, particularly those handling sensitive user data or financial information, are at significant risk. Shared hosting environments where multiple WordPress sites share the same database are also at increased risk, as a compromise of one site could potentially lead to the compromise of others.
• wordpress / composer / npm:
# look for the vulnerable AJAX action in the installed plugin's source
grep -r "wdt_delete_table_row" wp-content/plugins/wpdatatables/
• generic web:
# confirm whether the unauthenticated AJAX handler is registered: WordPress answers an
# unregistered action with HTTP 400 and the body "0". This request does invoke the handler,
# so run it only against a site you administer (preferably staging).
curl -s -o /dev/null -w '%{http_code}\n' 'https://your-wordpress-site.com/wp-admin/admin-ajax.php?action=wdt_delete_table_row'
• wordpress / composer / npm:
# list the installed plugin and its version (vulnerable: 6.3.1 and earlier)
wp plugin list --status=all | grep wpdatatables
• wordpress / composer / npm:
wp plugin update wpdatatables
Exploit status
EPSS: 2.14% (84th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2024-3820 is to immediately upgrade the wpDataTables plugin to a version patched against this vulnerability (6.3.2 or later). Check the plugin developer's website for the latest version. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider temporarily restricting access to the wdt_delete_table_row AJAX action. Web Application Firewalls (WAFs) configured to detect and block SQL Injection attempts can provide an additional layer of defense. Monitor WordPress access logs for requests to admin-ajax.php that target the wdt_delete_table_row action with an id_key value that is not a plain identifier. After upgrading, verify the fix by attempting to inject a simple SQL query through the id_key parameter and confirming that it is properly sanitized.
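The log-monitoring step above can be scripted. The following is an added example, not code from the advisory or from the wpDataTables project. It assumes an Apache/nginx "combined" access-log format and that a legitimate id_key is a plain integer (the natural reading of a row identifier); the sample log lines are constructed. Only query-string parameters are visible in access logs, so id_key values sent in a POST body would need a WAF or application-level logging to inspect.

```python
"""Flag suspicious calls to the wdt_delete_table_row AJAX action in access logs.

Added example (not from the advisory or the wpDataTables project). Assumes the
"combined" log format and that a benign id_key is a plain integer; adjust
is_expected_id_key() if your deployment uses a different key format.
"""
import re
from urllib.parse import parse_qs, urlsplit

VULNERABLE_ACTION = "wdt_delete_table_row"

# Combined log format: ip ident user [time] "METHOD target HTTP/x" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+'
)

# Constructed sample lines for demonstration; none of these are real traffic.
SAMPLE_LOG = """\
203.0.113.10 - - [01/Jun/2024:10:00:01 +0000] "GET /wp-admin/admin-ajax.php?action=wdt_delete_table_row&id_key=42 HTTP/1.1" 200 17 "-" "Mozilla/5.0"
203.0.113.10 - - [01/Jun/2024:10:00:02 +0000] "GET /wp-admin/admin-ajax.php?action=wdt_delete_table_row&id_key=42%27 HTTP/1.1" 200 17 "-" "Mozilla/5.0"
198.51.100.7 - - [01/Jun/2024:10:00:03 +0000] "POST /wp-admin/admin-ajax.php?action=wdt_delete_table_row&id_key=1%20xyz HTTP/1.1" 200 17 "-" "python-requests/2.31"
198.51.100.7 - - [01/Jun/2024:10:00:04 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 5 "-" "Mozilla/5.0"
192.0.2.5 - - [01/Jun/2024:10:00:05 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
"""


def is_expected_id_key(value: str) -> bool:
    """A benign row identifier is a plain unsigned integer (assumption, see docstring)."""
    return value.isdigit()


def parse_line(line: str):
    """Split one combined-format line into fields; return None if it does not parse."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    parts = urlsplit(m.group("target"))
    return {
        "ip": m.group("ip"),
        "time": m.group("time"),
        "method": m.group("method"),
        "path": parts.path,
        # parse_qs percent-decodes values, so "42%27" becomes "42'"
        "params": parse_qs(parts.query, keep_blank_values=True),
        "status": int(m.group("status")),
    }


def find_suspicious(log_text: str):
    """Return one finding per id_key value sent to the vulnerable action that is not a plain integer."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or not rec["path"].endswith("/admin-ajax.php"):
            continue
        if VULNERABLE_ACTION not in rec["params"].get("action", []):
            continue
        for value in rec["params"].get("id_key", []):
            if not is_expected_id_key(value):
                findings.append({"ip": rec["ip"], "time": rec["time"], "id_key": value})
    return findings


def count_by_ip(findings):
    """Aggregate findings per source address to spot a single client probing the endpoint."""
    counts = {}
    for f in findings:
        counts[f["ip"]] = counts.get(f["ip"], 0) + 1
    return counts


if __name__ == "__main__":
    hits = find_suspicious(SAMPLE_LOG)
    for h in hits:
        print(f'{h["time"]} {h["ip"]} id_key={h["id_key"]!r}')
    print("per-source counts:", count_by_ip(hits))
```

Run it against a real log with `find_suspicious(open("access.log").read())`; a non-integer id_key is not proof of exploitation, but on a site still running 6.3.1 or earlier it is the request shape the advisory describes and warrants a look at the source address.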
Update the wpDataTables plugin to the latest available version. The SQL injection vulnerability allows unauthenticated attackers to extract sensitive information from the database. The update fixes the missing validation and sanitization of the 'id_key' parameter in the 'wdt_delete_table_row' AJAX action.
CVE-2024-3820 is a critical SQL Injection vulnerability in the wpDataTables plugin for WordPress, affecting versions up to 6.3.1. It allows attackers to extract sensitive data.
If you are using the premium version of the wpDataTables plugin and your version is 6.3.1 or earlier, you are vulnerable to this SQL Injection attack.
Upgrade the wpDataTables plugin to the latest version available from the plugin developer's website. Consider temporary restrictions on the vulnerable AJAX action if immediate upgrade is not possible.
While no widespread exploitation has been confirmed, the vulnerability's critical severity and ease of exploitation suggest a high probability of exploitation. Monitor for suspicious activity.
Check the official wpDataTables website and WordPress plugin repository for the latest security advisory and update information.