CVE-2023-23488-PoC icon indicating copy to clipboard operation
CVE-2023-23488-PoC copied to clipboard

verified publisher icon r3nt0n

Metadata

Unauthenticated SQL Injection - Paid Memberships Pro < 2.9.8 (WordPress Plugin)

CVE-2023-23488-PoC

Unauthenticated SQL Injection - Paid Memberships Pro < 2.9.8 (WordPress Plugin)

Running this script against a WordPress instance with Paid Membership Pro plugin tells you if the target is vulnerable. As the SQL injection technique required to exploit it is Time-based blind, instead of trying to directly exploit the vuln, it will generate the appropriate sqlmap command to dump the whole database (probably very time-consuming) or specific chose data like usernames and passwords.

Usage example:

python3 CVE-2023-23488.py http://127.0.0.1/wordpress

References

  • Credits to Joshua Martinelle, who discovered the vulnerability
  • ExploitDB link: https://www.exploit-db.com/exploits/51235
  • Vendor Homepage: https://www.paidmembershipspro.com
  • Vulnerable software Link: https://downloads.wordpress.org/plugin/paid-memberships-pro.2.9.7.zip
  • Advisory: https://github.com/advisories/GHSA-pppw-hpjp-v2p9

Metadata

23
Stars
4
Forks
Watchers

Owner

verified publisher icon r3nt0n

Metadata

Unauthenticated SQL Injection - Paid Memberships Pro < 2.9.8 (WordPress Plugin)

Back