CVE-2024-13491
📋 TL;DR
This SQL injection vulnerability in the Small Package Quotes – For Customers of FedEx WordPress plugin allows unauthenticated attackers to inject malicious SQL queries through the 'edit_id' and 'dropship_edit_id' parameters. Attackers can extract sensitive database information including user credentials, plugin settings, and potentially other WordPress data. All WordPress sites using this plugin up to version 4.3.1 are affected.
💻 Affected Systems
- Small Package Quotes – For Customers of FedEx WordPress plugin
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Complete database compromise leading to credential theft, data exfiltration, privilege escalation, and potential site takeover.
Likely Case
Extraction of sensitive plugin data, user information, and potential access to WordPress user tables.
If Mitigated
Limited information disclosure if database permissions are properly restricted and WAF blocks injection attempts.
🎯 Exploit Status
Unauthenticated exploitation with simple parameter manipulation. No authentication required.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Version 4.3.2 or later
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find 'Small Package Quotes – For Customers of FedEx'. 4. Click 'Update Now' if available. 5. If no update appears, manually download version 4.3.2+ from WordPress.org and replace plugin files.
🔧 Temporary Workarounds
Temporary Plugin Deactivation
WordPressDisable the vulnerable plugin until patched
wp plugin deactivate small-package-quotes-fedex-edition
WAF Rule Implementation
allBlock SQL injection patterns targeting edit_id and dropship_edit_id parameters
🧯 If You Can't Patch
- Disable the plugin immediately via WordPress admin or wp-cli
- Implement strict WAF rules to block SQL injection patterns and monitor for exploitation attempts
🔍 How to Verify
Check if Vulnerable:
Check plugin version in WordPress admin under Plugins → Installed Plugins. If version is 4.3.1 or lower, you are vulnerable.Check Version:
wp plugin get small-package-quotes-fedex-edition --field=versionVerify Fix Applied:
Verify plugin version is 4.3.2 or higher. Test parameter inputs with SQL injection payloads to confirm they are properly sanitized.📡 Detection & Monitoring
Log Indicators:
- Unusual SQL errors in WordPress debug logs
- Multiple requests with SQL keywords in edit_id/dropship_edit_id parameters
- Database query errors from the plugin
Network Indicators:
- HTTP requests containing SQL injection patterns in GET/POST parameters
- Unusual database connection patterns from web server
SIEM Query:
source="wordpress.log" AND ("edit_id" OR "dropship_edit_id") AND ("UNION" OR "SELECT" OR "INSERT" OR "UPDATE" OR "DELETE" OR "--" OR "' OR '1'='1")🔗 References
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3242108%40small-package-quotes-fedex-edition&new=3242108%40small-package-quotes-fedex-edition&sfp_email=&sfph_mail=
- https://www.wordfence.com/threat-intel/vulnerabilities/id/ba311865-be4b-4c56-a761-409582e981b5?source=cve
