Vulnerability Details CVE-2023-2599
The Active Directory Integration plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to time-based SQL Injection via the orderby and order parameters in versions up to, and including, 4.1.4 due to missing nonce verification on the get_users function and insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to cause resource exhaustion via a forged request granted they can trick an administrator into performing an action such as clicking on a link.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.7%
CVSS Severity
CVSS v3 Score 3.1
References
- https://plugins.trac.wordpress.org/browser/ldap-login-for-intranet-sites/trunk/class-mo-ldap-user-auth-reports.php?rev=2859403#L64
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2910898%40ldap-login-for-intranet-sites%2Ftrunk&old=2903294%40ldap-login-for-intranet-sites%2Ftrunk&sfp_email=&sfph_mail=#file5
- https://www.wordfence.com/threat-intel/vulnerabilities/id/74089b16-76fa-4654-9007-3f0c2e894894?source=cve
- https://plugins.trac.wordpress.org/browser/ldap-login-for-intranet-sites/trunk/class-mo-ldap-user-auth-reports.php?rev=2859403#L64
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2910898%40ldap-login-for-intranet-sites%2Ftrunk&old=2903294%40ldap-login-for-intranet-sites%2Ftrunk&sfp_email=&sfph_mail=#file5
- https://www.wordfence.com/threat-intel/vulnerabilities/id/74089b16-76fa-4654-9007-3f0c2e894894?source=cve
Products affected by CVE-2023-2599
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:1.0
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:1.1
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:1.2
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:1.3
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:1.4
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:1.5
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:1.6
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:1.7
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:1.8
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.0
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.1
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.2
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.5
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.5.1
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.5.2
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.5.3
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.5.4
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.5.5
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.5.6
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.5.7
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.5.8
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.6.1
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.6.2
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.6.4
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.6.5
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.6.6
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.7
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.7.1
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.7.2
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.7.3
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.7.4
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.7.42
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.7.43
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.7.6
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.7.7
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.8
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.8.3
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.9
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.91
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:2.92
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.0
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.0.1
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.0.10
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.0.11
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.0.12
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.0.13
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.0.2
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.0.3
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.0.4
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.0.5
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.0.6
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.0.7
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.0.8
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.0.9
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.5
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.5.1
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.5.2
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.5.3
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.5.4
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.5.5
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.5.6
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.5.7
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.5.8
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.5.85
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.5.9
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.5.91
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.5.92
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.5.93
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.6
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.6.1
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.6.2
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.6.3
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.6.4
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.6.5
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.6.6
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.6.7
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.6.8
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.6.9
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.6.91
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.6.92
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.6.93
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.6.94
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.6.95
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.6.96
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.6.97
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.6.98
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.6.99
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.7
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.7.1
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.7.2
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.7.3
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.7.4
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.7.5
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.7.6
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:3.7.7
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:4.0
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:4.0.1
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:4.0.2
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:4.0.3
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:4.0.4
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:4.0.5
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:4.0.6
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:4.0.7
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:4.0.8
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:4.1.0
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:4.1.2
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:4.1.3
-
cpe:2.3:a:miniorange:active_directory_integration_/_ldap_integration:4.1.4