CVE-2024-13488
Published: 15 February 2025
Description
The LTL Freight Quotes – Estes Edition plugin for WordPress is vulnerable to SQL Injection via the 'dropship_edit_id' and 'edit_id' parameters in all versions up to, and including, 3.3.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Security Summary
CVE-2024-13488 is a SQL injection vulnerability in the LTL Freight Quotes – Estes Edition plugin for WordPress, affecting all versions up to and including 3.3.7. The flaw arises from insufficient escaping of user-supplied parameters 'dropship_edit_id' and 'edit_id', combined with inadequate preparation of existing SQL queries in the plugin's code. This CWE-89 issue, scored at CVSS 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), allows attackers to inject malicious SQL payloads.
Unauthenticated attackers can exploit this vulnerability remotely with low complexity, targeting the affected parameters to append additional SQL queries onto legitimate ones. Successful exploitation enables extraction of sensitive information from the WordPress database, such as user credentials, post content, or other site data, without requiring privileges, user interaction, or impacting integrity or availability.
References from WordPress plugin trac point to vulnerable code locations in trunk/warehouse-dropship/wild/includes/wild-delivery-save.php at lines 250 and 364, along with changeset 3239967, which may indicate remediation efforts. Additional details are available in Wordfence threat intelligence at the provided vulnerability ID.
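The following is an added illustration of the CWE-89 pattern the summary describes (a request parameter reaching a SQL statement without preparation) next to the corrected form; it is not the plugin's own code. The table name `example_dropship`, the function names and the capability check are assumptions for the example, while `$wpdb->prepare()`, `absint()`, `wp_unslash()` and `current_user_can()` are standard WordPress APIs.

```php
<?php
// Added example for CVE-2024-13488 (CWE-89). This is NOT code from the
// LTL Freight Quotes - Estes Edition plugin; the table name, column and
// function names are assumptions made for illustration only.

// Vulnerable pattern: the request parameter is concatenated straight into
// the SQL string. A value containing a quote or comment sequence changes the
// structure of the query instead of being treated as data, which is the
// "lack of sufficient preparation" the advisory refers to.
function example_load_record_vulnerable( $wpdb ) {
    $edit_id = isset( $_GET['edit_id'] ) ? $_GET['edit_id'] : '';
    $sql = "SELECT * FROM {$wpdb->prefix}example_dropship WHERE id = '" . $edit_id . "'";
    return $wpdb->get_row( $sql );
}

// Hardened pattern:
//  1. The caller must hold a capability, so the handler is no longer reachable
//     by unauthenticated requests (assumed capability: manage_options).
//  2. The identifier is cast to a non-negative integer with absint().
//  3. The value is bound through $wpdb->prepare() with a %d placeholder, so it
//     can never alter the query structure regardless of its content.
function example_load_record_fixed( $wpdb ) {
    if ( ! current_user_can( 'manage_options' ) ) {
        return null; // unauthorised caller; do not touch the database
    }

    $edit_id = isset( $_GET['edit_id'] ) ? absint( wp_unslash( $_GET['edit_id'] ) ) : 0;
    if ( 0 === $edit_id ) {
        return null; // no valid id supplied; nothing to look up
    }

    $sql = $wpdb->prepare(
        "SELECT * FROM {$wpdb->prefix}example_dropship WHERE id = %d",
        $edit_id
    );
    return $wpdb->get_row( $sql );
}
```

When reviewing a plugin for this class of bug, search for `$wpdb->query`, `$wpdb->get_row`, `$wpdb->get_results` and `$wpdb->get_var` calls whose SQL string is built with interpolation or concatenation from `$_GET`, `$_POST` or `$_REQUEST`; each such call should either use `$wpdb->prepare()` with placeholders or operate only on values already validated to a safe type, as `absint()` does here.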
Details
- CWE(s)