CVE-2024-13488
📋 TL;DR
This SQL injection vulnerability in the LTL Freight Quotes – Estes Edition WordPress plugin allows unauthenticated attackers to execute arbitrary SQL queries through the 'dropship_edit_id' and 'edit_id' parameters. Attackers can extract sensitive database information including user credentials, configuration data, and other private information. All WordPress sites using this plugin up to version 3.3.7 are affected.
💻 Affected Systems
- LTL Freight Quotes – Estes Edition WordPress Plugin
📦 What is this software?
LTL Freight Quotes by Eniture Technology
⚠️ Risk & Real-World Impact
Worst Case
Complete database compromise leading to credential theft, data exfiltration, privilege escalation, and potential site takeover.
Likely Case
Extraction of sensitive information including user data, configuration secrets, and potentially administrative credentials.
If Mitigated
Limited information disclosure if database permissions are properly restricted and sensitive data is encrypted.
🎯 Exploit Status
SQL injection via URL parameters is straightforward to exploit with common tools like sqlmap.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Version 3.3.8 or later
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find 'LTL Freight Quotes – Estes Edition'.
4. Click 'Update Now' if available, or download version 3.3.8+ from the WordPress plugin repository.
5. Activate the updated plugin.
🔧 Temporary Workarounds
Disable vulnerable plugin (WordPress)
Temporarily disable the plugin until the patched version is installed:
wp plugin deactivate ltl-freight-quotes-estes-edition
Web Application Firewall rule (all platforms)
Block requests containing SQL injection patterns targeting the vulnerable parameters ('dropship_edit_id' and 'edit_id').
🧯 If You Can't Patch
- Disable the LTL Freight Quotes – Estes Edition plugin immediately
- Implement strict WAF rules to block SQL injection patterns in URL parameters
🔍 How to Verify
Check if Vulnerable:
In the WordPress admin panel, go to Plugins → Installed Plugins and read the version number of LTL Freight Quotes – Estes Edition. If it is 3.3.7 or lower, you are vulnerable.
Check Version:
wp plugin get ltl-freight-quotes-estes-edition --field=version
Verify Fix Applied:
Verify plugin version is 3.3.8 or higher in WordPress admin panel.
📡 Detection & Monitoring
Log Indicators:
- Unusual SQL error messages in WordPress logs
- Multiple requests to wild-delivery-save.php with parameter manipulation
- Database query errors containing 'dropship_edit_id' or 'edit_id' parameters
Network Indicators:
- HTTP requests with SQL injection payloads in URL parameters
- Unusual traffic patterns to the vulnerable plugin endpoints
SIEM Query:
source="wordpress.log" AND ("wild-delivery-save.php" OR "dropship_edit_id" OR "edit_id") AND (sql OR union OR select OR from)
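As an added example, not code from the plugin, Wordfence, or this advisory's sources: a small log scanner that applies the detection logic above to web-server access logs, flagging requests whose 'dropship_edit_id' or 'edit_id' value is not a plain numeric id. It assumes Apache/nginx combined log format; every log line in it is constructed.

```python
"""Added example (not plugin or Wordfence code): scan combined-format access
logs for requests carrying the two parameters named in this advisory."""
import re
from urllib.parse import urlsplit, parse_qs

SUSPECT_PATH = "wild-delivery-save.php"            # endpoint from the advisory
SUSPECT_PARAMS = ("dropship_edit_id", "edit_id")   # parameters from the advisory
# SIEM-query tokens plus quote/comment characters that never belong in a numeric id.
SQL_PATTERN = re.compile(r"\b(union|select|from)\b|['\";]|--|/\*", re.I)
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>\S+) (?P<url>\S+) \S+" (?P<status>\d{3})')


def classify_request(url):
    """Return why a request looks like an injection attempt, or None if it does not."""
    params = parse_qs(urlsplit(url).query, keep_blank_values=True)  # percent-decodes
    for name in SUSPECT_PARAMS:
        for value in params.get(name, []):
            if value.isdigit():          # the plugin expects a numeric edit id
                continue
            if SQL_PATTERN.search(value):
                return f"SQL pattern in {name}"
            return f"non-numeric {name}"
    return None


def scan_log(lines):
    """Return (ip, url, reason) for every parsable line worth triage."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue                     # not combined format; skip, don't crash
        reason = classify_request(m.group("url"))
        if reason:
            findings.append((m.group("ip"), m.group("url"), reason))
    return findings


# Constructed sample lines: a legitimate save, a UNION probe, a quote probe, an unrelated hit.
PLUGIN_DIR = "/wp-content/plugins/ltl-freight-quotes-estes-edition/warehouse-dropship/wild/includes/"
SAMPLE_LOG = [
    f'192.0.2.10 - - [10/Feb/2025:13:05:22 +0000] "GET {PLUGIN_DIR}{SUSPECT_PATH}?edit_id=42 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    f'203.0.113.7 - - [10/Feb/2025:13:06:01 +0000] "GET {PLUGIN_DIR}{SUSPECT_PATH}?dropship_edit_id=1+UNION+SELECT+1%2C2 HTTP/1.1" 500 0 "-" "-"',
    f'203.0.113.7 - - [10/Feb/2025:13:06:03 +0000] "GET {PLUGIN_DIR}{SUSPECT_PATH}?edit_id=1%27 HTTP/1.1" 500 0 "-" "-"',
    '192.0.2.10 - - [10/Feb/2025:13:07:40 +0000] "GET /wp-login.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
]
```

Access logs only record the query string, so parameters sent in a POST body will not be visible here; for those, rely on the WAF or on the database error indicators listed above.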
🔗 References
- https://plugins.trac.wordpress.org/browser/ltl-freight-quotes-estes-edition/trunk/warehouse-dropship/wild/includes/wild-delivery-save.php#L250
- https://plugins.trac.wordpress.org/browser/ltl-freight-quotes-estes-edition/trunk/warehouse-dropship/wild/includes/wild-delivery-save.php#L364
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3239967%40ltl-freight-quotes-estes-edition&new=3239967%40ltl-freight-quotes-estes-edition&sfp_email=&sfph_mail=
- https://www.wordfence.com/threat-intel/vulnerabilities/id/b77b064d-ab8c-4e84-b5cc-efbdeefbf502?source=cve