[wp-trac] [WordPress Trac] #33156: Allow admin-ajax crawling
WordPress Trac
noreply at wordpress.org
Wed Mar 16 10:21:28 UTC 2022
#33156: Allow admin-ajax crawling
-----------------------------------+-----------------------------
Reporter: joostdevalk | Owner: SergeyBiryukov
Type: enhancement | Status: closed
Priority: normal | Milestone: 4.4
Component: General | Version:
Severity: normal | Resolution: fixed
Keywords: 2nd-opinion has-patch | Focuses:
-----------------------------------+-----------------------------
Comment (by nickdageekuk):
Replying to [comment:22 KnowingArt_com]:
> It seems like all the comments of concern were ignored.
I would tend to agree, considering that AJAX itself is a problem.
Known SQL injection exploit in AJAX, see [https://www.exploit-db.com/exploits/48475]
# Exploit Title: WordPress Plugin Ajax Load More 5.3.1 - '#1' Authenticated SQL Injection
# Exploit Author: SunCSR (Sun* Cyber Security Research) - Nguyen Khang
# Google Dork: N/A
# Date: 2020-05-18
# Vendor Homepage: https://connekthq.com/plugins/ajax-load-more/
# Software Link: https://vi.wordpress.org/plugins/ajax-load-more/
# Version: <= 5.3.1
# Tested on: Ubuntu 18.04
Description:
A blind SQL injection vulnerability is present in Ajax load more.
$wpdb->get_var("SELECT repeaterDefault FROM " . $table_name . " WHERE name = '$n'");
--
Ticket URL: <https://core.trac.wordpress.org/ticket/33156#comment:23>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac mailing list
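The exploit-db entry quoted in the comment above shows the unsafe query shape (a request value concatenated straight into the SQL string). The following is an added editorial example, not code from the Ajax Load More plugin, WordPress core, or the commenter: it places that vulnerable shape next to a hardened admin-ajax handler that binds the value with $wpdb->prepare() and, because the issue is reachable only by authenticated users through admin-ajax.php, also checks a nonce and a capability before touching the database. The table name, the nonce action, the request parameter name, the action name and the capability are all assumptions chosen for illustration; the code is meant to run inside WordPress as a plugin fragment.

```php
<?php
/*
 * Added example (not the plugin's or WordPress core's own code).
 * Assumptions, chosen for illustration: the table name suffix 'alm',
 * the nonce action 'alm_repeater_nonce', the POST parameter 'repeater',
 * the ajax action 'alm_get_repeater' and the capability
 * 'edit_theme_options'. Only the shape of the unsafe query string is
 * taken from the exploit-db description quoted on the page.
 */

// Vulnerable shape, as quoted in the exploit-db description: $n comes
// from the request and is concatenated into the SQL string. A value such
// as   x' OR SLEEP(5)#   changes the query rather than the data.
function alm_get_repeater_unsafe( $n ) {
    global $wpdb;
    $table_name = $wpdb->prefix . 'alm'; // hypothetical table name
    return $wpdb->get_var( "SELECT repeaterDefault FROM " . $table_name . " WHERE name = '$n'" );
}

// Hardened version: the value is bound through a %s placeholder, so
// WordPress escapes and quotes it and it can never terminate the string
// literal. The table name is built from $wpdb->prefix, never from input.
function alm_get_repeater_safe( $n ) {
    global $wpdb;
    $table_name = $wpdb->prefix . 'alm'; // hypothetical table name
    $sql = $wpdb->prepare(
        "SELECT repeaterDefault FROM {$table_name} WHERE name = %s",
        $n
    );
    return $wpdb->get_var( $sql );
}

// admin-ajax handler. Any logged-in user can call a wp_ajax_* action, so
// a working query alone is not enough: verify a nonce (CSRF) and a
// capability (authorization) before running the query.
function alm_ajax_get_repeater() {
    // Dies with a 403 "-1" response if the 'nonce' field is missing or invalid.
    check_ajax_referer( 'alm_repeater_nonce', 'nonce' );

    // Hypothetical capability; pick the narrowest one that fits the feature.
    if ( ! current_user_can( 'edit_theme_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    // Unslash, then restrict the value to the character set the feature
    // actually needs. prepare() below is still the injection control;
    // sanitize_key() just shrinks the input surface further.
    $n = isset( $_POST['repeater'] ) ? sanitize_key( wp_unslash( $_POST['repeater'] ) ) : '';

    wp_send_json_success( alm_get_repeater_safe( $n ) );
}

// Registered for authenticated requests only. No wp_ajax_nopriv_ hook is
// added, so anonymous callers get admin-ajax.php's default "0" response.
add_action( 'wp_ajax_alm_get_repeater', 'alm_ajax_get_repeater' );
```

The practitioner's check when reviewing an admin-ajax handler is threefold: every value from $_GET/$_POST reaches $wpdb only through prepare() placeholders (%s, %d, %f), the handler calls check_ajax_referer() or verifies a nonce itself, and it calls current_user_can() with a capability rather than relying on "the user is logged in". Crawlers reaching admin-ajax.php, the subject of this ticket, change none of that, since unauthenticated requests only reach wp_ajax_nopriv_* actions.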