BID:51637

WordPress WP e-Commerce Plugin Unspecified SQL Injection Vulnerability

Info

WordPress WP e-Commerce Plugin Unspecified SQL Injection Vulnerability

Bugtraq ID:	51637
Class:	Input Validation Error
CVE:	CVE-2012-5310
Remote:	Yes
Local:	No
Published:	Jan 23 2012 12:00AM
Updated:	Mar 19 2015 09:46AM
Credit:	Reported by the vendor
Vulnerable:	WordPress WP e-Commerce 3.8.7 WordPress WP e-Commerce 3.8.6 WordPress WP e-Commerce 3.8.4 WordPress WP e-Commerce 3.8.7.5 WordPress WP e-Commerce 3.8.7.2 WordPress WP e-Commerce 3.8.7.1 WordPress WP e-Commerce 3.8.6.1

Not Vulnerable:	WordPress WP e-Commerce 3.8.7.6

Discussion

WordPress WP e-Commerce Plugin Unspecified SQL Injection Vulnerability

The WP e-Commerce plug-in for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Versions prior to WP e-Commerce 3.8.7.6 are vulnerable.

Exploit / POC

WordPress WP e-Commerce Plugin Unspecified SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

Solution / Fix

WordPress WP e-Commerce Plugin Unspecified SQL Injection Vulnerability

Solution:
Updates are available. Please see the references for more information.

References

WordPress WP e-Commerce Plugin Unspecified SQL Injection Vulnerability

References:

v3.8.7.6 Fixes (Wordpress)
Wordpress church_admin Plugin "id" Cross-Site Scripting Vulnerability (Sammy Forgit)
WP e-Commerce Plugin (WordPress)