If exploited, this would allow an attacker to execute arbitrary SQL commands against the application.

On July 14th 2018, it was discovered that the official TourEngine v1.0 plugin for WordPress contains a critical security vulnerability that can be exploited by hackers to gain remote access to the server and potentially manipulate or delete data. The critical vulnerability was discovered by security researcher Pedro Tormo from Nudex. An exploit can be delivered via a maliciously crafted email, or by uploading via a website. The plugin is used by millions of WordPress websites to easily plan, organize and manage their travel and tourism business.

How Does the TourEngine Plugin Vulnerability Work?

The vulnerability is present in the "Database Tables" component of the TourEngine plugin. An attacker can exploit it by creating a new database table with an appropriate name and then inserting data into it; the plugin then loads that table automatically on every visit to any affected website. By exploiting this vulnerability, attackers can download arbitrary files or delete arbitrary database tables within a WordPress website without user interaction.

Lesson Learned:

It's important to make sure that your software is up-to-date and secure to avoid attacks from hackers!

What is The Official TourEngine v1.0 WordPress Plugin?

The official TourEngine v1.0 plugin for WordPress is a software add-on that provides tools for travelers, including booking tickets and planning trips, to use when planning and organizing their travel or tourism business. It can be installed on any WordPress website and is available in 23 languages. In addition to the plugin, there are three mobile apps that provide the same functionality: One iOS app, one Android app and one Windows phone app.

Description of the vulnerability

The vulnerability is a SQL injection vulnerability found in the "Query" function of the plugin. This means that an attacker can inject and execute arbitrary SQL commands through that function, which can be used to do anything on the server.
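The two weaknesses described above (untrusted input reaching the plugin's "Query" function, and a table chosen by name being loaded without checks) both come down to the same root cause: request data becoming part of SQL text. The following is an added example, not code from the TourEngine plugin or its author, written in Python with sqlite3 standing in for WordPress's `$wpdb`. The table names, sample rows and function names are constructed for illustration. It contrasts a concatenated query with a parameterised one, and shows why a table identifier (which placeholders cannot bind) has to be validated against an allowlist instead.

```python
import sqlite3

# Constructed sample data standing in for a WordPress-style tours table.
# This is an added illustration, not code from the TourEngine plugin.
SAMPLE_TOURS = [
    (1, "Lisbon walking tour", 25.0),
    (2, "Porto wine tour", 60.0),
    (3, "Sintra day trip", 45.0),
]

# Tables the plugin is expected to read (hypothetical names). Identifiers
# cannot be bound with placeholders, so an allowlist is the control here.
ALLOWED_TABLES = {"wp_tourengine_tours", "wp_tourengine_bookings"}


def make_db() -> sqlite3.Connection:
    """Create an in-memory database seeded with the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE wp_tourengine_tours (id INTEGER PRIMARY KEY, name TEXT, price REAL)"
    )
    conn.execute(
        "CREATE TABLE wp_tourengine_bookings (id INTEGER PRIMARY KEY, tour_id INTEGER)"
    )
    conn.executemany("INSERT INTO wp_tourengine_tours VALUES (?, ?, ?)", SAMPLE_TOURS)
    conn.commit()
    return conn


def query_tour_unsafe(conn: sqlite3.Connection, tour_id: str) -> list:
    """Vulnerable pattern: request input is concatenated straight into SQL,
    so whatever the client sends is parsed as part of the statement."""
    sql = f"SELECT id, name FROM wp_tourengine_tours WHERE id = {tour_id}"
    return conn.execute(sql).fetchall()


def query_tour_safe(conn: sqlite3.Connection, tour_id: str) -> list:
    """Hardened pattern: validate the type, then bind the value as a parameter.
    The driver passes it as data, never as SQL text (the sqlite3 counterpart
    of $wpdb->prepare with a %d placeholder)."""
    if not tour_id.isdigit():
        raise ValueError("tour_id must be a positive integer")
    sql = "SELECT id, name FROM wp_tourengine_tours WHERE id = ?"
    return conn.execute(sql, (int(tour_id),)).fetchall()


def load_table_safe(conn: sqlite3.Connection, table: str) -> int:
    """Table names cannot be parameterised, so a caller-supplied name is
    checked against the allowlist before it is interpolated and quoted."""
    if table not in ALLOWED_TABLES:
        raise ValueError(f"unknown table: {table!r}")
    return conn.execute(f'SELECT COUNT(*) FROM "{table}"').fetchone()[0]


def demo() -> tuple:
    """Run both query styles against a constructed tautology input and report
    how many rows the unsafe version leaks and whether the safe one rejects it."""
    conn = make_db()
    hostile = "1 OR 1=1"  # constructed input; a single id was expected
    leaked = query_tour_unsafe(conn, hostile)  # every row comes back, not just id 1
    try:
        query_tour_safe(conn, hostile)
        rejected = False
    except ValueError:
        rejected = True
    return len(leaked), rejected


if __name__ == "__main__":
    rows_leaked, was_rejected = demo()
    print(f"unsafe query returned {rows_leaked} rows; safe query rejected input: {was_rejected}")
```

The point of `load_table_safe` is the part that placeholders do not cover: a plugin that picks up tables by name has to decide which names are legitimate before they reach the query builder, because `?` (or `%s` in `$wpdb->prepare`) can only bind values, not identifiers.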

Summary

The vulnerability allows an attacker to execute arbitrary SQL commands on the server.
This would allow an attacker to manipulate or delete data in the server's database.

Timeline

Published on: 09/26/2022 21:15:00 UTC
Last modified on: 09/27/2022 20:36:00 UTC

References