Login Sign Up

CVE-2022-47614

7.5 HIGH
SQL Injection

📋 TL;DR

This vulnerability allows unauthenticated attackers to perform SQL injection attacks against WordPress sites using the InspireUI MStore API plugin. Attackers can execute arbitrary SQL commands, potentially accessing, modifying, or deleting database content. All WordPress sites running vulnerable versions of this plugin are affected.

💻 Affected Systems

Products:
  • WordPress InspireUI MStore API plugin
Versions: <= 3.9.7
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects WordPress installations with the vulnerable plugin enabled.

📦 What is this software?

Mstore Api by Inspireui

View all CVEs affecting Mstore Api →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise including data theft, data destruction, privilege escalation to administrator, and potential remote code execution via database functions.

🟠

Likely Case

Data exfiltration of sensitive information (user credentials, personal data), database manipulation, and potential site defacement.

🟢

If Mitigated

Limited impact with proper input validation, parameterized queries, and database user privilege restrictions in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection vulnerabilities are commonly exploited and automated tools exist for detection and exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.9.8 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/mstore-api/wordpress-mstore-api-plugin-3-9-7-sql-injection

Restart Required: No

Instructions:

1. Log into WordPress admin panel. 2. Navigate to Plugins > Installed Plugins. 3. Find 'MStore API' plugin. 4. Click 'Update Now' if update available. 5. Alternatively, download latest version from WordPress repository and replace plugin files.

🔧 Temporary Workarounds

Disable vulnerable plugin

all

Temporarily disable the MStore API plugin until patched

wp plugin deactivate mstore-api

Web Application Firewall rules

all

Implement WAF rules to block SQL injection patterns targeting MStore API endpoints

🧯 If You Can't Patch

  • Implement strict input validation and sanitization for all user inputs
  • Restrict database user permissions to minimum required (SELECT only if possible)

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > MStore API version. If version <= 3.9.7, vulnerable.

Check Version:

wp plugin get mstore-api --field=version

Verify Fix Applied:

Verify plugin version is 3.9.8 or higher in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple failed login attempts from single IP
  • Requests to MStore API endpoints with SQL syntax in parameters

Network Indicators:

  • HTTP requests containing SQL keywords (UNION, SELECT, INSERT) to /wp-json/mstore/* endpoints
  • Unusual traffic patterns to WordPress REST API

SIEM Query:

source="web_server" AND (uri_path="/wp-json/mstore/*" AND (query="*SELECT*" OR query="*UNION*" OR query="*INSERT*"))

📊 Metadata

CVE ID: CVE-2022-47614
CVSS v3 Score: 7.5 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:L
CWE: CWE-89
Published: June 23, 2023
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-47614, you might also want to check these:

CVE-2024-8522 10.0

This vulnerability allows unauthenticated attackers to perform SQL injection attacks on WordPress si...

Same vulnerability type (CWE-89)
CVE-2024-13152 10.0

This SQL injection vulnerability in BSS Software's Mobuy Online Machinery Monitoring Panel allows at...

Same vulnerability type (CWE-89)
CVE-2021-42311 10.0

CVE-2021-42311 is a critical SQL injection vulnerability in Microsoft Defender for IoT that allows r...

Same vulnerability type (CWE-89)