CVE-2023-1020
published 2023-04-24

CVE-2023-1020: The Steveas WP Live Chat Shoutbox WordPress plugin through 1.4.2 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action…

Priority: P180
Severity: critical, 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Flags: ITW, EXPLOIT, VulnCheck KEV
Exploited in the wild
EPSS: 4.99% (91.1th percentile)
The Steveas WP Live Chat Shoutbox WordPress plugin through 1.4.2 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.

Affected (1 range)

Vendor: wp_live_chat_shoutbox_project
Product: wp_live_chat_shoutbox
Version range: <= 1.4.2
Fixed in: not listed

Detection & IOCs (extracted from sources)

URL: /wp-admin/admin-ajax.php
Command: action=shoutbox-ajax-update-messages&last_timestamp=0)+UNION+ALL+SELECT+NULL,NULL,(SELECT+CONCAT(0x6338633630353939396633643833353264376262373932636633666462323562)),NULL,NULL,NULL,NULL,NULL--+&rooms%5B%5D=default
  • Detect exploitation attempts by monitoring POST requests to /wp-admin/admin-ajax.php with the AJAX action parameter 'shoutbox-ajax-update-messages' and SQL injection patterns in the 'last_timestamp' parameter (e.g., UNION SELECT payloads).
  • A successful blind/UNION-based SQLi response will contain the canary string 'c8c605999f3d8352d7bb792cf3fdb25b' and 'no_participation' in the JSON response body with Content-Type: application/json and HTTP 200.
  • The vulnerability is exploitable by unauthenticated users via an AJAX action; no authentication cookies or nonces are required in the POST request.
  • The vulnerability affects Steveas WP Live Chat Shoutbox plugin versions up to and including 1.4.2. Ensure version fingerprinting targets this range.
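The detection guidance above can be turned into a small request/response classifier. The following is an added example written for this record, not code from the vulnerability database or from the plugin; the request records it scans are constructed samples, and the `classify_request` / `response_indicates_success` function names are this example's own. It checks the three things the bullets name: the admin-ajax.php path with the 'shoutbox-ajax-update-messages' action, a non-numeric or SQL-looking 'last_timestamp' value, and the canary plus 'no_participation' in a JSON 200 response.

```python
import re
from urllib.parse import parse_qs

TARGET_PATH = "/wp-admin/admin-ajax.php"
TARGET_ACTION = "shoutbox-ajax-update-messages"
# Canary string named in the record above (the hex literal in the payload decodes to it).
CANARY = "c8c605999f3d8352d7bb792cf3fdb25b"
# Generic SQL injection markers; last_timestamp is expected to be a plain integer,
# so anything beyond digits is already suspicious and these only add a reason.
SQLI_PATTERN = re.compile(
    r"(union\s+(all\s+)?select|\bselect\b|\bconcat\b|--|/\*|['\")])",
    re.IGNORECASE,
)

# Constructed sample request bodies (not captured traffic).
BENIGN_BODY = "action=shoutbox-ajax-update-messages&last_timestamp=1700000000&rooms%5B%5D=default"
ATTACK_BODY = "action=shoutbox-ajax-update-messages&last_timestamp=0)+UNION+ALL+SELECT+NULL,NULL--+&rooms%5B%5D=default"


def classify_request(method, path, body):
    """Return the reasons a request looks like a CVE-2023-1020 exploitation attempt.

    An empty list means the request does not match the detection criteria.
    """
    reasons = []
    if method.upper() != "POST" or path.split("?", 1)[0] != TARGET_PATH:
        return reasons
    params = parse_qs(body, keep_blank_values=True)  # decodes '+' and %xx escapes
    if params.get("action", [""])[0] != TARGET_ACTION:
        return reasons
    for value in params.get("last_timestamp", []):
        if not value.strip().isdigit():
            reasons.append("last_timestamp is not an integer")
        if SQLI_PATTERN.search(value):
            reasons.append("SQL injection pattern in last_timestamp")
    return reasons


def response_indicates_success(status, content_type, body):
    """True when a response carries the indicators of a successful UNION-based extraction."""
    return (
        status == 200
        and content_type.lower().startswith("application/json")
        and CANARY in body
        and "no_participation" in body
    )


def scan(records):
    """Scan (method, path, body) tuples and return those flagged, with their reasons."""
    flagged = []
    for method, path, body in records:
        reasons = classify_request(method, path, body)
        if reasons:
            flagged.append((method, path, reasons))
    return flagged


if __name__ == "__main__":
    sample = [
        ("POST", TARGET_PATH, BENIGN_BODY),
        ("POST", TARGET_PATH, ATTACK_BODY),
        ("GET", "/index.php", ATTACK_BODY),
    ]
    for entry in scan(sample):
        print(entry)
```

In a WAF or reverse-proxy log pipeline the POST body is what matters here; plain access logs only record the path and query string, so the `action` and `last_timestamp` checks need a source that captures request bodies. The response check is independent and can run on proxy logs that retain response bodies.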

CVSS provenance

NVD (v3.1): 9.8 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
VulnCheck: 9.8 CRITICAL