CVE-2021-24442

9.8 CRITICAL

📋 TL;DR

This vulnerability allows unauthenticated attackers to perform SQL injection attacks on WordPress sites using the WPDevArt Polls plugin. Attackers can manipulate database queries by sending specially crafted POST parameters. All WordPress sites running vulnerable versions of this plugin are affected.

💻 Affected Systems

Products:
  • WPDevArt Polls, Survey, Questionnaire and Voting system WordPress plugin
Versions: All versions before 1.5.3
Operating Systems: All operating systems running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all WordPress installations with the vulnerable plugin enabled, regardless of WordPress version or configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise allowing data theft, privilege escalation, and potential remote code execution through database functions.

🟠 Likely Case

Data exfiltration from the WordPress database including user credentials, sensitive content, and potentially gaining administrative access.

🟢 If Mitigated

Limited impact with proper input validation and database user privilege restrictions in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires sending POST requests to the vulnerable endpoint with SQL injection payloads in the date_answers[] parameter.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.5.3

Vendor Advisory: https://wordpress.org/plugins/poll-wd/#developers

Restart Required: No

Instructions:

1. Log into WordPress admin panel.
2. Navigate to Plugins.
3. Find 'Poll, Survey, Questionnaire and Voting system'.
4. Click 'Update Now' or manually update to version 1.5.3 or later.

🔧 Temporary Workarounds

Disable vulnerable plugin

all

Temporarily disable the WPDevArt Polls plugin until patched

wp plugin deactivate poll-wd

Web Application Firewall rule

linux

Block requests containing SQL injection patterns targeting date_answers[] parameter

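ModSecurity rule (the regex selector matches the array forms date_answers[] and date_answers[0], which a plain ARGS_POST:date_answers selector does not): SecRule ARGS_POST:/^date_answers/ "@detectSQLi" "id:1001,phase:2,deny,status:403"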

🧯 If You Can't Patch

  • Implement strict input validation for all POST parameters in custom code
  • Restrict database user privileges to minimum required permissions

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Poll, Survey, Questionnaire and Voting system. If version is below 1.5.3, you are vulnerable.

Check Version:

wp plugin get poll-wd --field=version

Verify Fix Applied:

Verify plugin version is 1.5.3 or higher in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

  • POST requests to /wp-admin/admin-ajax.php with date_answers[] parameter containing SQL keywords
  • Unusual database query patterns in WordPress or MySQL logs

Network Indicators:

  • HTTP POST requests with SQL injection payloads in parameters
  • Unusual database connection attempts from web server

SIEM Query:

source="web_logs" AND uri="/wp-admin/admin-ajax.php" AND param="date_answers" AND (value CONTAINS "UNION" OR value CONTAINS "SELECT" OR value CONTAINS "OR 1=1")
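
The log indicators above only match when the request body is decoded before the keyword check. The following is an added example, not code from the vendor or the plugin: it scans records of POSTs to /wp-admin/admin-ajax.php and flags date_answers[] values containing the keywords listed above, after URL-decoding and ignoring case. The tab-separated record layout, the sample records and every field name other than date_answers[] are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote_plus

TARGET_URI = "/wp-admin/admin-ajax.php"
# Keywords from the page's log indicators and SIEM query, matched case-insensitively.
SQL_PATTERN = re.compile(r"\b(union|select)\b|\bor\s+1\s*=\s*1\b", re.IGNORECASE)


def suspicious_values(body):
    """Return decoded date_answers[...] values in a urlencoded body that match SQL_PATTERN."""
    hits = []
    # parse_qsl percent-decodes names and values, so date_answers%5B%5D becomes date_answers[].
    for name, value in parse_qsl(body, keep_blank_values=True):
        if not name.startswith("date_answers"):
            continue  # only the parameter named in the advisory is inspected
        decoded = unquote_plus(value)  # second pass catches double-encoded values
        if SQL_PATTERN.search(decoded):
            hits.append(decoded)
    return hits


def scan(lines):
    """Return (client_ip, decoded_value) for each flagged POST to admin-ajax.php."""
    findings = []
    for line in lines:
        # Assumed record layout: ip <TAB> method <TAB> uri <TAB> urlencoded body
        ip, method, uri, body = line.rstrip("\n").split("\t", 3)
        if method != "POST" or uri.split("?", 1)[0] != TARGET_URI:
            continue
        findings.extend((ip, value) for value in suspicious_values(body))
    return findings


# Constructed sample records (documentation IP ranges, not real traffic).
SAMPLE = [
    "203.0.113.5\tPOST\t/wp-admin/admin-ajax.php\tquestion_id=1&date_answers%5B%5D=3",
    "198.51.100.7\tPOST\t/wp-admin/admin-ajax.php\tdate_answers%5B%5D=1+UNION+SELECT+1",
    "198.51.100.9\tPOST\t/wp-admin/admin-ajax.php\tdate_answers%5B0%5D=1%2520or%25201%253D1",
    "203.0.113.8\tPOST\t/wp-admin/admin-ajax.php\tcomment=select+an+option&date_answers%5B%5D=2",
    "203.0.113.9\tGET\t/index.php\t",
]

if __name__ == "__main__":
    for ip, value in scan(SAMPLE):
        print(f"{ip}\t{value!r}")
```

Standard web access logs do not record POST bodies, so this needs a source that does, such as a WAF audit log or application-level request logging.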
