CVE-2022-0814
📋 TL;DR
This vulnerability allows SQL injection attacks in the Ubigeo de Perú para Woocommerce WordPress plugin. Unauthenticated attackers can exploit AJAX endpoints to execute arbitrary SQL commands, potentially compromising the database. All WordPress sites using vulnerable versions of this plugin are affected.
💻 Affected Systems
- Ubigeo de Perú para Woocommerce WordPress plugin
📦 What is this software?
Ubigeo De Peru Para Woocommerce by Ubigeo De Peru Para Woocommerce Project
⚠️ Risk & Real-World Impact
Worst Case
Complete database compromise leading to data theft, privilege escalation, remote code execution via database functions, and full site takeover.
Likely Case
Data exfiltration including user credentials, payment information, and sensitive business data, potentially leading to further attacks.
If Mitigated
Limited impact with proper input validation and database permissions, potentially only allowing data viewing without modification.
🎯 Exploit Status
SQL injection via AJAX actions requires minimal technical skill. Public exploit details are available.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 3.6.4
Vendor Advisory: https://wpscan.com/vulnerability/fd84dc08-0079-4fcf-81c3-a61d652e3269
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins. 3. Find 'Ubigeo de Perú para Woocommerce'. 4. Click 'Update Now' to version 3.6.4 or higher. 5. Verify update completes successfully.
🔧 Temporary Workarounds
Disable vulnerable plugin
allTemporarily deactivate the plugin until patched
wp plugin deactivate ubigeo-de-peru-para-woocommerce
Restrict AJAX access
linuxBlock access to vulnerable AJAX endpoints via web application firewall or .htaccess
# Add to .htaccess:
RewriteCond %{QUERY_STRING} action=ubigeo [NC]
RewriteRule ^wp-admin/admin-ajax\.php$ - [F,L]
🧯 If You Can't Patch
- Implement web application firewall with SQL injection protection rules
- Disable the plugin entirely and find alternative functionality
🔍 How to Verify
Check if Vulnerable:
Check plugin version in WordPress admin under Plugins or use: wp plugin get ubigeo-de-peru-para-woocommerce --field=versionCheck Version:
wp plugin get ubigeo-de-peru-para-woocommerce --field=versionVerify Fix Applied:
Confirm plugin version is 3.6.4 or higher and test AJAX endpoints with SQL injection payloads📡 Detection & Monitoring
Log Indicators:
- Unusual SQL queries in database logs
- Multiple failed AJAX requests to ubigeo endpoints
- Unexpected database errors in WordPress logs
Network Indicators:
- POST requests to /wp-admin/admin-ajax.php with SQL keywords in parameters
- Unusual traffic patterns to AJAX endpoints
SIEM Query:
source="web_logs" AND uri="/wp-admin/admin-ajax.php" AND (param="action" AND value="ubigeo*") AND (query CONTAINS "UNION" OR query CONTAINS "SELECT" OR query CONTAINS "INSERT")