CVE-2023-2493 – This SQL injection vulnerability in the All In ... (How to Fix)

Q: What is the severity of CVE-2023-2493?

CVE-2023-2493 has a CVSS score of 7.2 (HIGH). This SQL injection vulnerability in the All In One Redirection WordPress plugin allows authenticated administrators to execute arbitrary SQL commands on the database. It affects WordPress sites using vulnerable versions of this plugin, potentially compromising the entire site's data integrity and confidentiality.

📋 TL;DR

This SQL injection vulnerability in the All In One Redirection WordPress plugin allows authenticated administrators to execute arbitrary SQL commands on the database. It affects WordPress sites using vulnerable versions of this plugin, potentially compromising the entire site's data integrity and confidentiality.

💻 Affected Systems

Products:

All In One Redirection WordPress plugin

Versions: All versions before 2.2.0

Operating Systems: All operating systems running WordPress

Default Config Vulnerable: ⚠️ Yes

Notes: Requires WordPress installation with the vulnerable plugin activated. Exploitation requires admin-level access.

📦 What is this software?

All In One Redirection by Vsourz

View all CVEs affecting All In One Redirection →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise leading to data theft, data manipulation, privilege escalation, or complete site takeover via arbitrary code execution.

🟠

Likely Case

Unauthorized data access, modification of plugin settings, or extraction of sensitive information from the WordPress database.

🟢

If Mitigated

Limited impact with proper access controls, but still poses risk of data leakage or manipulation within the plugin's scope.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires authenticated admin access. SQL injection is well-documented and easily weaponized.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.2.0 and later

Vendor Advisory: https://wpscan.com/vulnerability/a9a205a4-eef9-4f30-877a-4c562930650c

Restart Required: No

Instructions:

1. Log into WordPress admin panel. 2. Navigate to Plugins > Installed Plugins. 3. Find 'All In One Redirection'. 4. Click 'Update Now' if available. 5. Alternatively, download version 2.2.0+ from WordPress repository and manually update.

🔧 Temporary Workarounds

Temporary Plugin Deactivation

all

Disable the vulnerable plugin until patched

wp plugin deactivate all-in-one-redirection

Database Firewall Rules

all

Implement WAF or database firewall to block SQL injection patterns

🧯 If You Can't Patch

Restrict admin access to only trusted users with strong authentication
Implement database monitoring to detect SQL injection attempts

🔍 How to Verify

Check if Vulnerable:

Check plugin version in WordPress admin under Plugins > Installed Plugins

Check Version:

wp plugin get all-in-one-redirection --field=version

Verify Fix Applied:

Verify plugin version is 2.2.0 or higher after update

📡 Detection & Monitoring

Log Indicators:

Unusual SQL queries in database logs
Multiple failed login attempts followed by admin access
Unexpected plugin configuration changes

Network Indicators:

POST requests to wp-admin/admin-ajax.php with SQL-like parameters
Unusual database connection patterns

SIEM Query:

source="wordpress" AND ("all-in-one-redirection" OR "aioredirection") AND (sql OR union OR select)

📊 Metadata

CVE ID: CVE-2023-2493

CVSS v3 Score: 7.2 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Published: July 10, 2023

Last Updated: November 21, 2024

🔗 References

https://wpscan.com/vulnerability/a9a205a4-eef9-4f30-877a-4c562930650c Exploit,Third Party Advisory
https://wpscan.com/vulnerability/a9a205a4-eef9-4f30-877a-4c562930650c Exploit,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON