{"id":16737,"date":"2025-04-03T00:50:26","date_gmt":"2025-04-03T00:50:26","guid":{"rendered":""},"modified":"2025-05-11T12:34:39","modified_gmt":"2025-05-11T12:34:39","slug":"cve-2023-3211-unauthenticated-sql-injection-vulnerability-in-wordpress-database-administrator-plugin","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2023-3211-unauthenticated-sql-injection-vulnerability-in-wordpress-database-administrator-plugin\/","title":{"rendered":"CVE-2023-3211: Unauthenticated SQL Injection Vulnerability in WordPress Database Administrator Plugin"},"content":{"rendered":"<p class=\"\" data-start=\"107\" data-end=\"132\"><strong data-start=\"107\" data-end=\"132\">Vulnerability Summary<\/strong><\/p>\n<ul data-start=\"134\" data-end=\"745\">\n<li class=\"\" data-start=\"134\" data-end=\"229\">\n<p class=\"\" data-start=\"136\" data-end=\"229\"><strong data-start=\"136\" data-end=\"147\">CVE ID:<\/strong> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">CVE-2023-3211<\/span>\u200b<\/p>\n<\/li>\n<li class=\"\" data-start=\"230\" data-end=\"327\">\n<p class=\"\" data-start=\"232\" data-end=\"327\"><strong data-start=\"232\" data-end=\"245\">Severity:<\/strong> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">High (CVSS 3.1 Score: 8.6)<\/span>\u200b<\/p>\n<\/li>\n<li class=\"\" data-start=\"328\" data-end=\"430\">\n<p class=\"\" data-start=\"330\" data-end=\"430\"><strong data-start=\"330\" data-end=\"348\">Attack Vector:<\/strong> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Network<\/span>\u200b<\/p>\n<\/li>\n<li class=\"\" data-start=\"431\" data-end=\"539\">\n<p class=\"\" data-start=\"433\" data-end=\"539\"><strong data-start=\"433\" data-end=\"457\">Privileges Required:<\/strong> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">None<\/span>\u200b<\/p>\n<\/li>\n<li class=\"\" data-start=\"540\" data-end=\"645\">\n<p class=\"\" data-start=\"542\" data-end=\"645\"><strong data-start=\"542\" data-end=\"563\">User Interaction:<\/strong> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">None<\/span>\u200b<\/p>\n<\/li>\n<li class=\"\" data-start=\"646\" data-end=\"745\">\n<p class=\"\" data-start=\"648\" data-end=\"745\"><strong data-start=\"648\" data-end=\"659\">Impact:<\/strong> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">SQL Injection leading to potential <a class=\"wpil_keyword_link\" href=\"https:\/\/chat.ameeba.com\"   title=\"data\" data-wpil-keyword-link=\"linked\"  data-wpil-monitor-id=\"24354\">data<\/a> exfiltration or manipulation<\/span>\u200b<\/p>\n<\/li>\n<\/ul>\n<p class=\"\" data-start=\"747\" data-end=\"768\"><strong data-start=\"747\" data-end=\"768\">Affected Products<\/strong><\/p>\n<p class=\"\" data-start=\"770\" data-end=\"855\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">The <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-6140-arbitrary-file-upload-vulnerability-in-essential-real-estate-wordpress-plugin\/\"  data-wpil-monitor-id=\"24579\">vulnerability affects the WordPress Database Administrator plugin<\/a>, specifically versions up to and including 1.0.3.<\/span>\u200b<\/p>\n<p class=\"\" data-start=\"857\" data-end=\"882\"><strong data-start=\"857\" data-end=\"882\">How the Exploit Works<\/strong><\/p>\n<p class=\"\" data-start=\"884\" data-end=\"1049\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">The plugin exposes an AJAX action <\/code><a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-30511-stored-xss-vulnerability-due-to-improper-sanitization-of-plant-name-input\/\"  data-wpil-monitor-id=\"35966\">named <code class=\"\" data-line=\"\">wdaSetTableActionResponse that fails to properly sanitize&lt;\/a&gt; and escape the &lt;code data-start=&quot;115&quot; data-end=&quot;122&quot;&gt;table<\/code> parameter.<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">This oversight allows unauthenticated attackers to <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-47460-sql-injection-vulnerability-in-knovos-discovery-v-22-67-0\/\"  data-wpil-monitor-id=\"27376\">inject arbitrary SQL<\/a> queries.<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">For instance, an attacker can exploit this vulnerability by sending a crafted POST <a class=\"wpil_keyword_link\" href=\"https:\/\/www.ameeba.com\"   title=\"request\" data-wpil-keyword-link=\"linked\"  data-wpil-monitor-id=\"24355\">request<\/a> to the <code class=\"\" data-line=\"\">admin-ajax.php<\/code> endpoint:<\/span>\u200b<\/p><div id=\"ameeb-3604928330\" class=\"ameeb-content-2 ameeb-entity-placement\"><div style=\"border-left: 4px solid #555; padding-left: 20px; margin: 48px 0; font-family: Roboto, sans-serif; color: #ffffff; line-height: 1.6; max-width: 700px;\">\r\n  <h2 style=\"margin-top: 0; font-size: 20px; font-weight: 600; display: flex; align-items: center;\">\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\" style=\"display: inline-flex; align-items: center; margin-right: 8px;\">\r\n      <img decoding=\"async\" src=\"https:\/\/www.ameeba.com\/blog\/wp-content\/uploads\/2025\/10\/Best-App-icon-Ameeba.png\" alt=\"Ameeba Chat Icon\" style=\"width: 40px; height: 40px;\" \/>\r\n    <\/a>\r\n    A new way to communicate\r\n  <\/h2>\r\n\r\n  <p style=\"margin-bottom: 12px;\">\r\n    Ameeba Chat is built on encrypted identity, not personal profiles.\r\n  <\/p>\r\n\r\n  <p style=\"margin-bottom: 16px;\">\r\n    Message, call, share files, and coordinate with identities kept separate.\r\n  <\/p>\r\n\r\n  <ul style=\"list-style: none; padding-left: 0; margin-bottom: 20px;\">\r\n    <li>\u2022 Encrypted identity<\/li>\r\n    <li>\u2022 Ameeba Chat authenticates access<\/li>\r\n    <li>\u2022 Aliases and categories<\/li>\r\n    <li>\u2022 End-to-end encrypted chat, calls, and files<\/li>\r\n    <li>\u2022 Secure notes for sensitive information<\/li>\r\n  <\/ul>\r\n\r\n  <p style=\"font-style: italic; font-weight: 600; margin-bottom: 24px;\">\r\n    Private communication, rethought.\r\n  <\/p>\r\n\r\n  <div style=\"display: flex; flex-wrap: wrap; gap: 12px;\">\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\/download\" style=\"background-color: #ffffff; color: #000000; padding: 10px 20px; text-decoration: none; border-radius: 6px; font-weight: 500;\">Download Ameeba Chat<\/a>\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\" style=\"border: 1px solid #ffffff; color: #ffffff; padding: 10px 20px; text-decoration: none; border-radius: 6px; font-weight: 500;\">Learn More<\/a>\r\n  <\/div>\r\n<\/div>\r\n<\/div>\n<div class=\"contain-inline-size rounded-md border-[0.5px] border-token-border-medium relative bg-token-sidebar-surface-primary\">\n<div class=\"overflow-y-auto p-4\" dir=\"ltr\"><code class=\"\" data-line=\"\">curl -i -s -k -X POST --data-binary &lt;span class=&quot;hljs-string&quot;&gt;&quot;action=wdaSetTableActionResponse&amp;table=wp_users%20WHERE%20SLEEP(1)=1%20&amp;request=browse&quot;&lt;\/span&gt; &lt;span class=&quot;hljs-string&quot;&gt;&quot;https:\/\/example.com\/wp-admin\/admin-ajax.php&quot;&lt;\/span&gt;<\/code><\/div>\n<\/div>\n<p class=\"\" data-start=\"1278\" data-end=\"1363\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">In this example, the injected <code class=\"\" data-line=\"\">SLEEP(1)<\/code> function causes a delay in the server&#8217;s response, indicating a successful <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2021-24869-sql-injection-vulnerability-in-wp-fastest-cache-wordpress-plugin\/\"  data-wpil-monitor-id=\"29832\">SQL injection<\/a>.<\/span>\u200b<\/p>\n<p class=\"\" data-start=\"1365\" data-end=\"1384\"><strong data-start=\"1365\" data-end=\"1384\">Potential Risks<\/strong><\/p>\n<ul data-start=\"1386\" data-end=\"1737\">\n<li class=\"\" data-start=\"1386\" data-end=\"1473\">\n<p class=\"\" data-start=\"1388\" data-end=\"1473\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\"><a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-2815-unauthorized-modification-of-data-in-administrator-z-wordpress-plugin\/\"  data-wpil-monitor-id=\"29776\">Unauthorized access to sensitive data<\/a>, including user credentials\u200b<\/p>\n<\/li>\n<li class=\"\" data-start=\"1474\" data-end=\"1561\">\n<p class=\"\" data-start=\"1476\" data-end=\"1561\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Modification or <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-3065-arbitrary-file-deletion-vulnerability-in-database-toolset-plugin\/\"  data-wpil-monitor-id=\"40233\">deletion of database<\/a> content\u200b<\/p>\n<\/li>\n<li class=\"\" data-start=\"1562\" data-end=\"1649\">\n<p class=\"\" data-start=\"1564\" data-end=\"1649\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Potential for <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-2907-critical-vulnerability-in-order-delivery-date-wordpress-plugin-could-allow-full-site-takeover\/\"  data-wpil-monitor-id=\"41816\">full site<\/a> compromise\u200b<\/p>\n<\/li>\n<li class=\"\" data-start=\"1650\" data-end=\"1737\">\n<p class=\"\" data-start=\"1652\" data-end=\"1737\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Use of the site as a pivot point for further attacks<\/span>\u200b<\/p>\n<\/li>\n<\/ul>\n<p class=\"\" data-start=\"1739\" data-end=\"1769\"><strong data-start=\"1739\" data-end=\"1769\">Mitigation Recommendations<\/strong><\/p>\n<ul data-start=\"1771\" data-end=\"2232\">\n<li class=\"\" data-start=\"1771\" data-end=\"1880\">\n<p class=\"\" data-start=\"1773\" data-end=\"1880\"><strong data-start=\"1773\" data-end=\"1794\">Immediate Action:<\/strong> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">If you&#8217;re using the affected plugin version, consider disabling or removing it until a patched version is available.<\/span>\u200b<\/p>\n<\/li>\n<li class=\"\" data-start=\"1881\" data-end=\"1991\">\n<p class=\"\" data-start=\"1883\" data-end=\"1991\"><strong data-start=\"1883\" data-end=\"1905\"><a class=\"wpil_keyword_link\" href=\"https:\/\/ameeba.com\"   title=\"Update\" data-wpil-keyword-link=\"linked\"  data-wpil-monitor-id=\"24353\">Update<\/a> the Plugin:<\/strong> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Regularly check for updates to the plugin and apply them promptly.<\/span>\u200b<\/p>\n<\/li>\n<li class=\"\" data-start=\"1992\" data-end=\"2126\">\n<p class=\"\" data-start=\"1994\" data-end=\"2126\"><strong data-start=\"1994\" data-end=\"2040\">Implement Web Application Firewalls (WAF):<\/strong> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Deploy a WAF to detect and block malicious <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-6532-cross-site-request-forgery-vulnerability-in-wp-blogs-planetarium-wordpress-plugin-vulnerability-summary\/\"  data-wpil-monitor-id=\"25033\">requests targeting known vulnerabilities<\/a>.<\/span>\u200b<\/p>\n<\/li>\n<li class=\"\" data-start=\"2127\" data-end=\"2232\">\n<p class=\"\" data-start=\"2129\" data-end=\"2232\"><strong data-start=\"2129\" data-end=\"2146\">Monitor Logs:<\/strong> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Regularly review server and application logs for unusual <a href=\"https:\/\/www.ameeba.com\/blog\/microsoft-s-recent-patch-a-detailed-analysis-of-the-126-flaws-and-the-actively-exploited-windows-clfs-vulnerability\/\"  data-wpil-monitor-id=\"26150\">activities that may indicate exploitation<\/a> attempts.<\/span>\u200b<\/p>\n<\/li>\n<\/ul>\n<p class=\"\" data-start=\"2234\" data-end=\"2248\"><strong data-start=\"2234\" data-end=\"2248\">Conclusion<\/strong><\/p>\n<p class=\"\" data-start=\"2250\" data-end=\"2375\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">CVE-2023-3211 is a <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-47890-exposing-the-critical-vulnerability-in-network-security-protocols\/\"  data-wpil-monitor-id=\"24938\">critical vulnerability<\/a> in the WordPress Database Administrator plugin that allows unauthenticated attackers to perform SQL injection attacks.<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Given the <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2024-22611-critical-exploit-in-openerm-posing-severe-security-risks\/\"  data-wpil-monitor-id=\"26877\">severity and ease of exploitation<\/a>, it&#8217;s imperative to take immediate action to mitigate potential risks.<\/span>\u200b<\/p>\n<p class=\"\" data-start=\"2377\" data-end=\"2391\"><strong data-start=\"2377\" data-end=\"2391\">References<\/strong><\/p>\n<ul data-start=\"2393\" data-end=\"2573\">\n<li class=\"\" data-start=\"2393\" data-end=\"2501\">\n<p class=\"\" data-start=\"2395\" data-end=\"2501\"><a class=\"\" href=\"https:\/\/wpscan.com\/vulnerability\/873824f0-e8b1-45bd-8579-bc3c649a54e5\/\" target=\"_new\" rel=\"noopener\" data-start=\"2395\" data-end=\"2501\">WPScan Advisory on CVE-2023-3211<\/a><\/p>\n<\/li>\n<li class=\"\" data-start=\"2502\" data-end=\"2573\">\n<p class=\"\" data-start=\"2504\" data-end=\"2573\"><a class=\"\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-3211\" target=\"_new\" rel=\"noopener\" data-start=\"2504\" data-end=\"2573\">NVD \u2013 CVE-2023-3211<\/a><\/p>\n<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Vulnerability Summary CVE ID: CVE-2023-3211\u200b Severity: High (CVSS 3.1 Score: 8.6)\u200b Attack Vector: Network\u200b Privileges Required: None\u200b User Interaction: None\u200b Impact: SQL Injection leading to potential data exfiltration or manipulation\u200b Affected Products The vulnerability affects the WordPress Database Administrator plugin, specifically versions up to and including 1.0.3.\u200b How the Exploit Works The plugin exposes an [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"footnotes":""},"categories":[1],"tags":[],"vendor":[],"product":[],"attack_vector":[74],"asset_type":[],"severity":[],"exploit_status":[],"class_list":["post-16737","post","type-post","status-publish","format-standard","hentry","category-uncategorized","attack_vector-sql-injection"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/16737","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/comments?post=16737"}],"version-history":[{"count":22,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/16737\/revisions"}],"predecessor-version":[{"id":37135,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/16737\/revisions\/37135"}],"wp:attachment":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/media?parent=16737"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/categories?post=16737"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/tags?post=16737"},{"taxonomy":"vendor","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/vendor?post=16737"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/product?post=16737"},{"taxonomy":"attack_vector","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/attack_vector?post=16737"},{"taxonomy":"asset_type","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/asset_type?post=16737"},{"taxonomy":"severity","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/severity?post=16737"},{"taxonomy":"exploit_status","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/exploit_status?post=16737"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}