SQL Injection in Duplicate-Page WordPress Plugin

From blog.sucuri.net

SQL Injection in Duplicate-Page WordPress Plugin

Security Risk: Easy / Remote

DREAD Score: 8.4

Vulnerability: SQL Injection / PHP Object Injection

Patched Version: 3.4

While investigating the Duplicate Page plugin we have discovered a dangerous SQL Injection vulnerability.

It was not being abused externally and impacts over 800,000 sites. It’s urgency is defined by the associated DREAD score that looks at damage, reproducibility, exploitability, affected users, and discoverability.

A key contributor to the criticality of this vulnerability is that it’s exploitable by any users with an account on the vulnerable site (regardless of the privileges they have – e.g., subscribers) and is easy to exploit.

Read more…