Synopsis
The remote web server hosts a web application that is affected by a SQL injection vulnerability.
Description
The version of the Simple:Press plugin for WordPress installed on the remote host fails to properly sanitize user-supplied input to the 'value' parameter of the 'sf-header-forum.php' script.
An unauthenticated, remote attacker can leverage this issue to launch a SQL injection attack against the affected application, leading to an authentication bypass, the disclosure of sensitive information, and attacks against the underlying database.
Solution
There is no known solution at this time.
Plugin Details
File Name: wordpress_simplepress_sql_injection.nasl
Supported Sensors: Nessus
Enable CGI Scanning: true
Vulnerability Information
CPE: cpe:/a:wordpress:wordpress
Required KB Items: installed_sw/WordPress, www/PHP
Exploit Ease: Exploits are available
Exploited by Nessus: true
Vulnerability Publication Date: 7/4/2010
Reference Information
BID: 41348