CVE-2017-16510 - OpenCVE

WordPress before 4.8.3 is affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi) in plugins and themes, as demonstrated by a "double prepare" approach, a different vulnerability than CVE-2017-14723.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Wordpress	Wordpress

Configuration 1 [-]

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/101638
https://blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb-sql-injection-technical.html
https://codex.wordpress.org/Version_4.8.3
https://github.com/WordPress/WordPress/commit/a2693fd8602e3263b5925b9d799ddd577202167d
https://lists.debian.org/debian-lts-announce/2017/11/msg00003.html
https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/
https://wpvulndb.com/vulnerabilities/8941
https://www.debian.org/security/2018/dsa-4090

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2017-11-02T16:00:00

Updated: 2024-08-05T20:27:03.287Z

Reserved: 2017-11-02T00:00:00

Link: CVE-2017-16510

Vulnrichment

No data.

NVD

Status : Modified

Published: 2017-11-02T16:29:00.787

Modified: 2018-02-04T02:29:14.100

Link: CVE-2017-16510

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-11-02T00:00:00", "descriptions": [{"lang": "en", "value": "WordPress before 4.8.3 is affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi) in plugins and themes, as demonstrated by a \"double prepare\" approach, a different vulnerability than CVE-2017-14723."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-02-02T10:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/WordPress/WordPress/commit/a2693fd8602e3263b5925b9d799ddd577202167d"}, {"name": "DSA-4090", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2018/dsa-4090"}, {"name": "[debian-lts-announce] 20171104 [SECURITY] [DLA 1160-1] wordpress security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00003.html"}, {"name": "101638", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/101638"}, {"tags": ["x_refsource_MISC"], "url": "https://wpvulndb.com/vulnerabilities/8941"}, {"tags": ["x_refsource_MISC"], "url": "https://codex.wordpress.org/Version_4.8.3"}, {"tags": ["x_refsource_MISC"], "url": "https://blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb-sql-injection-technical.html"}, {"tags": ["x_refsource_MISC"], "url": "https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-16510", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "WordPress before 4.8.3 is affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi) in plugins and themes, as demonstrated by a \"double prepare\" approach, a different vulnerability than CVE-2017-14723."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/WordPress/WordPress/commit/a2693fd8602e3263b5925b9d799ddd577202167d", "refsource": "MISC", "url": "https://github.com/WordPress/WordPress/commit/a2693fd8602e3263b5925b9d799ddd577202167d"}, {"name": "DSA-4090", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4090"}, {"name": "[debian-lts-announce] 20171104 [SECURITY] [DLA 1160-1] wordpress security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00003.html"}, {"name": "101638", "refsource": "BID", "url": "http://www.securityfocus.com/bid/101638"}, {"name": "https://wpvulndb.com/vulnerabilities/8941", "refsource": "MISC", "url": "https://wpvulndb.com/vulnerabilities/8941"}, {"name": "https://codex.wordpress.org/Version_4.8.3", "refsource": "MISC", "url": "https://codex.wordpress.org/Version_4.8.3"}, {"name": "https://blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb-sql-injection-technical.html", "refsource": "MISC", "url": "https://blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb-sql-injection-technical.html"}, {"name": "https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/", "refsource": "MISC", "url": "https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T20:27:03.287Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/WordPress/WordPress/commit/a2693fd8602e3263b5925b9d799ddd577202167d"}, {"name": "DSA-4090", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2018/dsa-4090"}, {"name": "[debian-lts-announce] 20171104 [SECURITY] [DLA 1160-1] wordpress security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00003.html"}, {"name": "101638", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/101638"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://wpvulndb.com/vulnerabilities/8941"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://codex.wordpress.org/Version_4.8.3"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb-sql-injection-technical.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-16510", "datePublished": "2017-11-02T16:00:00", "dateReserved": "2017-11-02T00:00:00", "dateUpdated": "2024-08-05T20:27:03.287Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "matchCriteriaId": "55C0F562-AB38-493B-87D6-0DC9465F4E18", "versionEndIncluding": "4.8.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "WordPress before 4.8.3 is affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi) in plugins and themes, as demonstrated by a \"double prepare\" approach, a different vulnerability than CVE-2017-14723."}, {"lang": "es", "value": "WordPress en versiones anteriores a la 4.8.3 se ve afectado por un problema en el que $wpdb->prepare() puede crear consultas inseguras e inesperadas que podr\u00edan provocar una inyecci\u00f3n SQL (SQLi) en plugins y temas, tal y como se ve en el enfoque \"double prepare\". Esta es una vulnerabilidad diferente a CVE-2017-14723."}], "id": "CVE-2017-16510", "lastModified": "2018-02-04T02:29:14.100", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-11-02T16:29:00.787", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/101638"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb-sql-injection-technical.html"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://codex.wordpress.org/Version_4.8.3"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://github.com/WordPress/WordPress/commit/a2693fd8602e3263b5925b9d799ddd577202167d"}, {"source": "cve@mitre.org", "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00003.html"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://wpvulndb.com/vulnerabilities/8941"}, {"source": "cve@mitre.org", "url": "https://www.debian.org/security/2018/dsa-4090"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}]}