CVE-2022-0771
📋 TL;DR
This vulnerability lets unauthenticated attackers inject arbitrary SQL into queries run by the SiteSuperCharger WordPress plugin, through AJAX actions that are reachable without logging in. Attackers can read sensitive data (including the password hashes in wp_users), modify database content, or use that access to work towards an administrator account. Every WordPress site running a SiteSuperCharger version below 5.2.0 is affected, whether or not the plugin's features are actually used on the site.
💻 Affected Systems
- WordPress SiteSuperCharger plugin, versions before 5.2.0
📦 What is this software?
SiteSuperCharger, a WordPress plugin by Marketingheroes
⚠️ Risk & Real-World Impact
Worst Case
Complete database compromise leading to data theft, site defacement, backdoor installation, and full administrative control of the WordPress installation.
Likely Case
Data exfiltration including user credentials, sensitive content, and potential privilege escalation to administrator accounts.
If Mitigated
Limited impact if the plugin's AJAX handlers validate their input and pass it to the database through prepared statements ($wpdb->prepare() in WordPress). That fix has to be in the plugin code itself, which is what the 5.2.0 update provides; site operators cannot retrofit it from outside the plugin, and other vulnerabilities might still exist.
🎯 Exploit Status
SQL injection via the plugin's AJAX actions on /wp-admin/admin-ajax.php, with no authentication required. Simple payloads (UNION-based, boolean-based or time-based) can extract database contents or modify data. Note that the injection executes SQL statements, not operating-system commands: any further compromise goes through the database, for example by reading wp_users hashes.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 5.2.0
Advisory (WPScan): https://wpscan.com/vulnerability/6139e732-88f2-42cb-9dc3-42ad49731e75
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find the SiteSuperCharger plugin.
4. Click 'Update Now' if an update is available.
5. If no update is offered, download version 5.2.0 or later from the WordPress plugin repository and update manually, then confirm the plugin is active again and shows the new version.
🔧 Temporary Workarounds
Disable SiteSuperCharger Plugin
Platform: Linux (WP-CLI)
Temporarily disable the vulnerable plugin until it is patched. The slug below is the one this page uses; confirm it with wp plugin list before running the command, since the installed directory name may differ.
wp plugin deactivate site-super-charger
Web Application Firewall Rule
Platform: any WAF
Block SQL injection patterns targeting the SiteSuperCharger AJAX endpoints.
Add a rule that inspects requests to /wp-admin/admin-ajax.php (GET and POST, since admin-ajax.php reads the action from either) and blocks them when the action parameter contains 'site_super_charger' and any other parameter, after URL decoding, contains SQL keywords or quote/comment sequences (UNION SELECT, OR 1=1, SLEEP(, ', --). Match on the decoded parameters rather than on the raw request line, otherwise encoded payloads such as %27 and %20UNION%20 pass through. Confirm the action names against the plugin's add_action('wp_ajax_...') and add_action('wp_ajax_nopriv_...') registrations; scoping the rule to those actions keeps false positives on ordinary content (a comment containing the word 'select') out of the rule.
🧯 If You Can't Patch
- Disable the SiteSuperCharger plugin immediately
- Do not rely on input validation or parameterized queries in your own theme or custom code: the vulnerable queries live inside the plugin's AJAX handlers, which your code never touches. If you cannot update, deactivating the plugin (or blocking its AJAX actions at the WAF) is the only effective control.
🔍 How to Verify
Check if Vulnerable:
In the WordPress admin panel, open Plugins → Installed Plugins and read the version shown under SiteSuperCharger. Any version below 5.2.0 is vulnerable, and because the affected AJAX actions are reachable without login, the plugin only needs to be active for the site to be exploitable.
Check Version:
wp plugin list --name=site-super-charger --field=version
Verify Fix Applied:
Confirm SiteSuperCharger plugin version is 5.2.0 or higher in WordPress admin panel.
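When WP-CLI is not installed, or you are checking a backup or a mirrored copy of the site, the version can be read from the same plugin header field that WordPress and WP-CLI report. The following is an added example, not the plugin's, WordPress's or WPScan's code; the plugin directory path is an assumption (confirm the slug with wp plugin list or by listing wp-content/plugins/), and the sample header is constructed for the example. The numeric comparison is deliberate: a string comparison would rank 5.10.0 below 5.2.0.

```python
"""Check an installed SiteSuperCharger copy against the patched version (5.2.0)
by reading the plugin's main-file header, which is the same "Version:" field
WordPress and WP-CLI report.

Added example; not the plugin's, WordPress's or WPScan's own code. The plugin
directory below is an assumption: confirm the slug with `wp plugin list` or by
listing wp-content/plugins/.
"""
import os
import re
from typing import Optional, Tuple

PATCHED_VERSION = "5.2.0"  # from the advisory
# Assumed path; replace with the plugin directory actually present on the site.
DEFAULT_PLUGIN_DIR = "/var/www/html/wp-content/plugins/site-super-charger"

# Header lines look like " * Version: 5.1.4" inside the plugin's main PHP file.
_VERSION_RE = re.compile(r"^\s*\*?\s*Version:\s*(?P<v>\S+)", re.I | re.M)


def parse_plugin_version(header_text: str) -> Optional[str]:
    """Return the Version: value from a WordPress plugin file header, if present."""
    m = _VERSION_RE.search(header_text)
    return m.group("v") if m else None


def version_key(version: str) -> Tuple[int, ...]:
    """Turn '5.1.4' into (5, 1, 4) so that 5.10 sorts after 5.2.
    Non-numeric suffixes ('5.2.0-beta') are ignored, so check a
    pre-release of 5.2.0 manually before treating it as patched."""
    key = []
    for piece in version.split("."):
        digits = re.match(r"\d+", piece)
        key.append(int(digits.group()) if digits else 0)
    return tuple(key)


def is_vulnerable(version: str, patched: str = PATCHED_VERSION) -> bool:
    """True when version is strictly below the patched version."""
    a, b = version_key(version), version_key(patched)
    width = max(len(a), len(b))          # pad so that 5.2 == 5.2.0
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return a < b


def find_plugin_version(plugin_dir: str) -> Optional[str]:
    """Look for the plugin header in the top-level .php files of plugin_dir.
    WordPress itself only reads the first 8 KiB of the file for header data."""
    if not os.path.isdir(plugin_dir):
        return None
    for name in sorted(os.listdir(plugin_dir)):
        if not name.endswith(".php"):
            continue
        with open(os.path.join(plugin_dir, name), encoding="utf-8", errors="replace") as fh:
            head = fh.read(8192)
        if "Plugin Name:" in head:
            version = parse_plugin_version(head)
            if version:
                return version
    return None


# Constructed sample header in the shape a plugin main file uses (not the real plugin's).
SAMPLE_HEADER = """<?php
/**
 * Plugin Name: SiteSuperCharger
 * Version:     5.1.4
 */
"""

if __name__ == "__main__":
    installed = find_plugin_version(DEFAULT_PLUGIN_DIR)
    source = DEFAULT_PLUGIN_DIR if installed else "constructed sample header"
    installed = installed or parse_plugin_version(SAMPLE_HEADER)
    state = "VULNERABLE (update to 5.2.0 or later)" if is_vulnerable(installed) else "patched"
    print(f"SiteSuperCharger {installed} from {source}: {state}")
```

Run it on the web server as a user that can read wp-content/plugins/; when the assumed directory is absent it falls back to the constructed header so the comparison logic can still be seen working.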
📡 Detection & Monitoring
Log Indicators:
- SQL syntax errors in the WordPress debug log (wp-content/debug.log when WP_DEBUG_LOG is enabled) or in the MySQL/MariaDB error log, triggered by malformed injected input
- Bursts of requests to /wp-admin/admin-ajax.php from one client with SQL keywords, quotes or comment sequences in the query string or, where the WAF logs bodies, in POST parameters
- Slow-query-log entries containing SLEEP() or BENCHMARK(), or queries touching information_schema, which indicate time-based or schema-enumerating injection
Network Indicators:
- GET or POST requests to /wp-admin/admin-ajax.php whose action contains 'site_super_charger' and whose other parameters carry SQL injection payloads, usually URL-encoded (%27, %20UNION%20SELECT%20)
- Requests to admin-ajax.php with response times in multiples of a fixed delay (time-based blind injection), or a spike in database load from the web server during such bursts
SIEM Query:
source="wordpress.log" "admin-ajax.php" AND ("UNION" OR "SELECT" OR "INSERT" OR "UPDATE" OR "DELETE" OR "DROP" OR "OR 1=1" OR "SLEEP(" OR "%27" OR "%20UNION%20")
Two caveats: web-server access logs record only the request line, so parameters sent in a POST body never reach this query unless the WAF or a request-body logger captures them; and payloads arrive URL-encoded, so either search for the encoded forms (as above) or decode before matching. Restricting the search to requests whose action contains site_super_charger avoids matching legitimate content that happens to contain words such as 'select' or 'update'.
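The WAF rule in the workarounds section and the log indicators above both come down to the same decision: is this an admin-ajax.php request for one of the plugin's actions whose decoded parameters carry an injection payload? The following added example (not the page's SIEM query, a vendor WAF rule, or the plugin's code) implements that decision once and applies it both to constructed Combined Log Format lines and to a POST body as a WAF would see it. The action-name fragment is the assumption the page's WAF rule makes, the action name in the sample lines is invented, and the sample log is constructed for the example.

```python
"""Flag SQL-injection attempts against WordPress AJAX actions in web-server
access logs (Combined Log Format), and double as a WAF decision function.

Added example; not the page's SIEM query, a vendor WAF rule, or the plugin's
code. It URL-decodes parameters before matching, which is what a raw keyword
search over the access log misses. The action-name fragment is the assumption
the page's WAF rule makes; the log lines are constructed for the example.
"""
import re
from typing import Dict, List, Optional
from urllib.parse import parse_qs, unquote_plus, urlsplit

ACTION_HINT = "site_super_charger"  # assumed; confirm against the plugin's wp_ajax_* hooks

# Matched against each decoded parameter value (not the raw URL).
SQLI_PATTERNS = [
    re.compile(r"\bunion\b.{0,40}\bselect\b", re.I | re.S),               # UNION SELECT
    re.compile(r"\b(or|and)\s+['\"]?\d+['\"]?\s*=\s*['\"]?\d+", re.I),     # OR 1=1, OR '1'='1
    re.compile(r"\b(sleep|benchmark|extractvalue|updatexml)\s*\(", re.I),  # time/error based
    re.compile(r"\binformation_schema\b", re.I),                           # schema enumeration
    re.compile(r"'\s*(or|and)\s+'", re.I),                                 # quote-break tautology
    re.compile(r"(?:--|#)\s*$|/\*"),                                       # comment to cut the query
]

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) \S+" '
    r'(?P<status>\d{3}) \S+'
)


def request_params(target: str, body: str = "") -> Dict[str, List[str]]:
    """URL-decoded query-string parameters merged with form-body parameters."""
    params = parse_qs(urlsplit(target).query, keep_blank_values=True)
    for name, values in parse_qs(body, keep_blank_values=True).items():
        params.setdefault(name, []).extend(values)
    return params


def sqli_reason(target: str, body: str = "") -> Optional[str]:
    """Return why a request looks like SQLi against the plugin's AJAX action,
    or None. admin-ajax.php takes the action from GET or POST, so both are
    covered; scoping to the action keeps 'select' in ordinary content out."""
    if not urlsplit(target).path.endswith("/wp-admin/admin-ajax.php"):
        return None
    params = request_params(target, body)
    if not any(ACTION_HINT in a for a in params.get("action", [])):
        return None
    for name, values in params.items():
        if name == "action":
            continue
        for value in values:
            value = unquote_plus(value)  # also catches double-encoded payloads
            for pattern in SQLI_PATTERNS:
                if pattern.search(value):
                    return f"parameter {name!r} matches {pattern.pattern!r}"
    return None


def scan_log(lines: List[str]) -> List[Dict[str, str]]:
    """Parse access-log lines and return the suspicious requests with a reason.
    Access logs carry only the request line; POST bodies need a WAF/audit log."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        reason = sqli_reason(m.group("target"))
        if reason:
            hits.append({"ip": m.group("ip"), "ts": m.group("ts"),
                         "target": m.group("target"), "reason": reason})
    return hits


# Constructed sample log (RFC 5737 addresses); the action name is invented.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Mar/2022:10:01:02 +0000] "GET /wp-admin/admin-ajax.php?action=site_super_charger_stats&id=42 HTTP/1.1" 200 512',
    '198.51.100.7 - - [10/Mar/2022:10:01:09 +0000] "GET /wp-admin/admin-ajax.php?action=site_super_charger_stats&id=42%20UNION%20SELECT%20user_login%2Cuser_pass%20FROM%20wp_users HTTP/1.1" 200 734',
    '198.51.100.7 - - [10/Mar/2022:10:01:15 +0000] "GET /wp-admin/admin-ajax.php?action=site_super_charger_stats&id=42%27%20AND%20SLEEP(5)--%20 HTTP/1.1" 200 512',
    '198.51.100.7 - - [10/Mar/2022:10:01:20 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat&id=1%20OR%201%3D1 HTTP/1.1" 200 97',
    '203.0.113.9 - - [10/Mar/2022:10:02:00 +0000] "GET /?s=select+a+plan HTTP/1.1" 200 12001',
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f"{hit['ts']} {hit['ip']} {hit['target']}\n    -> {hit['reason']}")
    # WAF-style check on a POST body, which never appears in the access log.
    print(sqli_reason("/wp-admin/admin-ajax.php",
                      "action=site_super_charger_stats&id=1%27+OR+%271%27%3D%271"))
```

Of the five constructed lines only the two encoded payloads against the plugin's action are reported; the same "OR 1=1" against the heartbeat action and the search for "select a plan" are not, which is the scoping the SIEM query above lacks. In a WAF or middleware, call sqli_reason with the decoded request body so that POST parameters are covered as well.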