CVE-2024-13184
Published: 18 January 2025
Description
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to time-based SQL Injection via the Login Attempts module in all versions up to, and including, 3.0.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Security Summary
CVE-2024-13184 is a time-based SQL injection vulnerability in The Ultimate WordPress Toolkit – WP Extended plugin for WordPress, affecting all versions up to and including 3.0.12. The flaw exists in the Login Attempts module due to insufficient escaping of user-supplied parameters and lack of sufficient preparation on existing SQL queries, allowing attackers to append additional SQL queries.
Unauthenticated attackers can exploit this vulnerability over the network with low attack complexity and no user interaction required, as reflected in its CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). Successful exploitation enables extraction of sensitive information from the database by injecting time-based SQL payloads into existing queries.
Advisories and plugin resources indicate mitigation through patching, with changeset 3220003 addressing the issue in the plugin's trac repository at line 105 of the wpext_limit_login_attempts.php file. Further details are provided in the Wordfence threat intelligence report and the plugin's developer page on WordPress.org.
Details
- CWE(s)