Leaflet Maps Marker (v2.2) WordPress Plugin – Vulnerable to SQL Injection
The WordPress plugin Leaflet Maps Marker up to v2.2 is vulnerable to SQL injection.
The WordPress plugin “Leaflet Maps Marker” allows you to pin, organize & show your favorite places on basemaps from OpenStreetMap, Google Maps, Bing Maps or custom maps on your blog and via different APIs on external websites or apps.
How does it work?
First, an attacker extracts the usernames, hashed passwords and email addresses with SQL commands sent through the vulnerable URL. Because the WordPress password hash is difficult to crack, he takes a different route: he requests a new password through the lost-password link, which sends an authentication key to the account's email address. As he has no access to that mailbox, he uses the SQL injection again to read the authentication key directly from the database. He then builds the password-reset confirmation link himself from the KEY and the USERNAME, and successfully changes the password. From that point he has administrative access: he can destroy the website, as well as the server, dump your private data, and so on.
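The chain above leaves a recognisable trail in the web server access log: injection-looking requests to the plugin endpoint, followed shortly by a password-reset confirmation (`wp-login.php?action=rp&key=…&login=…`) from the same client. The detector below is an added example written for this post, not code from the plugin or the advisory; the plugin path, the reset key and the log lines are constructed placeholders, since the post does not name the vulnerable URL.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
from urllib.parse import unquote_plus

# Combined-format access log fields we need (client IP, timestamp, request URL).
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<url>\S+) [^"]*"')
TS_FMT = "%d/%b/%Y:%H:%M:%S"

# Stage 1: injection markers aimed at the data the post says is pulled
# (user table, password hashes, the reset key). Crude on purpose; tune per site.
SQLI_RE = re.compile(r"union\s+select|wp_users|user_pass|user_activation_key", re.I)
# Stage 2: the password-reset confirmation link (action=rp with key and login).
RESET_RE = re.compile(r"^/wp-login\.php\?(?=.*action=rp)(?=.*\bkey=)(?=.*\blogin=)", re.I)

def parse(line):
    """Return (ip, timestamp, decoded url) or None for lines we cannot parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"].split()[0], TS_FMT)
    return m["ip"], ts, unquote_plus(m["url"])

def find_reset_after_sqli(lines, window=timedelta(hours=1)):
    """Flag reset confirmations from an IP that sent SQLi-looking requests within
    `window` beforehand (log assumed chronological). Returns [(ip, timestamp), ...]."""
    probes = defaultdict(list)   # ip -> timestamps of injection-looking requests
    alerts = []
    for line in lines:
        ev = parse(line)
        if ev is None:
            continue
        ip, ts, url = ev
        if SQLI_RE.search(url):
            probes[ip].append(ts)
        elif RESET_RE.search(url) and any(timedelta(0) <= ts - t <= window for t in probes[ip]):
            alerts.append((ip, ts.strftime(TS_FMT)))
    return alerts

# Constructed sample log. PLUGIN-PLACEHOLDER and KEY-PLACEHOLDER stand in for the
# real endpoint and reset key, which the post does not give.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Feb/2013:10:00:01 +0000] "GET /wp-content/plugins/PLUGIN-PLACEHOLDER/page.php?id=1 HTTP/1.1" 200 512',
    '203.0.113.5 - - [10/Feb/2013:10:00:09 +0000] "GET /wp-content/plugins/PLUGIN-PLACEHOLDER/page.php?id=1%20UNION%20SELECT%20user_activation_key%20FROM%20wp_users HTTP/1.1" 200 734',
    '203.0.113.5 - - [10/Feb/2013:10:01:30 +0000] "GET /wp-login.php?action=lostpassword HTTP/1.1" 200 1034',
    '203.0.113.5 - - [10/Feb/2013:10:03:12 +0000] "GET /wp-login.php?action=rp&key=KEY-PLACEHOLDER&login=admin HTTP/1.1" 200 1201',
    '198.51.100.9 - - [10/Feb/2013:10:05:00 +0000] "GET /wp-login.php?action=rp&key=KEY-PLACEHOLDER&login=bob HTTP/1.1" 200 1201',
]

if __name__ == "__main__":
    for ip, when in find_reset_after_sqli(SAMPLE_LOG):
        print(f"ALERT {when}: reset confirmation from {ip} after SQL injection probes")
```

A reset confirmation on its own (the second IP) is normal traffic; only the pairing with earlier injection probes from the same client is flagged.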
How to avoid this?
To avoid this type of attack, first update to the latest version of the plugin.
Otherwise, use BM Custom Login for your website login (this may itself be risky at times).
Many other plugins are vulnerable to SQLi. Webmasters, please keep a close eye on popular IT security news.