CVE-2024-1795
📋 TL;DR
This SQL injection vulnerability in the HUSKY – Products Filter for WooCommerce Professional WordPress plugin allows authenticated attackers with contributor-level access or higher to inject malicious SQL queries via the 'name' parameter. This can lead to unauthorized extraction of sensitive database information. All WordPress sites using this plugin up to version 1.3.5.2 are affected.
💻 Affected Systems
- HUSKY – Products Filter for WooCommerce Professional WordPress plugin
⚠️ Risk & Real-World Impact
Worst Case
Complete database compromise including extraction of user credentials, payment information, and administrative access leading to site takeover.
Likely Case
Extraction of sensitive user data, plugin/theme configurations, and potentially privilege escalation.
If Mitigated
Limited data exposure if proper database segmentation and least privilege principles are implemented.
🎯 Exploit Status
Exploitation requires authenticated access but uses simple SQL injection techniques. The vulnerability is well-documented in security advisories.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.3.5.3 or later
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find 'HUSKY – Products Filter for WooCommerce Professional'.
4. Click 'Update Now' if available.
5. Alternatively, download version 1.3.5.3+ from the WordPress repository and update manually.
🔧 Temporary Workarounds
Disable vulnerable shortcode
- Remove or disable the [woof] shortcode from posts/pages to prevent exploitation
- Search WordPress content for [woof] shortcode usage and remove it
Restrict contributor access
- Temporarily tighten the requirements for the contributor role or limit the number of contributor accounts
- Use WordPress role management plugins to restrict contributor capabilities
🧯 If You Can't Patch
- Immediately disable the HUSKY plugin entirely
- Implement web application firewall (WAF) rules to block SQL injection patterns targeting the 'name' parameter
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin → Plugins → Installed Plugins for HUSKY – Products Filter for WooCommerce Professional version ≤1.3.5.2
Check Version:
wp plugin list --name='woocommerce-products-filter' --field=version (if WP-CLI is installed)
Verify Fix Applied:
Confirm plugin version is 1.3.5.3 or higher in WordPress admin panel
📡 Detection & Monitoring
Log Indicators:
- Unusual SQL queries in WordPress/database logs containing 'woof' or 'name' parameter manipulation
- Multiple failed login attempts followed by contributor-level access
Network Indicators:
- POST requests to WordPress pages containing 'name' parameter with SQL injection patterns
SIEM Query:
source="wordpress.log" AND "[woof]" AND ("UNION" OR "SELECT" OR "INSERT" OR "DELETE" OR "UPDATE" OR "--" OR "' OR '1'='1")
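The SIEM query above turned into a scanner, as an added example that is not part of the advisory or the plugin: it parses constructed combined-format web-server log lines, decodes the 'name' query parameter and flags only values carrying the listed SQL injection indicators, which keeps the noisy keywords from firing on ordinary product names. The log format, sample lines and usernames are assumptions.

```python
import re
from urllib.parse import parse_qs, urlparse

# SQL injection indicators lifted from the advisory's SIEM query. Keyword
# matches alone are noisy ("select" and "--" occur in legitimate product
# names), so the scanner applies them only to the 'name' parameter the CVE concerns.
SQLI_PATTERNS = re.compile(
    r"\bUNION\b|\bSELECT\b|\bINSERT\b|\bDELETE\b|\bUPDATE\b|--|'\s*OR\s*'1'\s*=\s*'1",
    re.IGNORECASE,
)

# Combined log format (assumed): ip ident user [time] "method target proto" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample web-server log lines, not captured traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Mar/2024:12:00:01 +0000] "GET /shop/?name=blue HTTP/1.1" 200 5120
203.0.113.7 - editor1 [10/Mar/2024:12:00:09 +0000] "POST /shop/?name=red%27+UNION+SELECT+1%2C2%2C3-- HTTP/1.1" 200 8192
203.0.113.9 - contrib2 [10/Mar/2024:12:00:15 +0000] "POST /shop/?name=%27+OR+%271%27%3D%271 HTTP/1.1" 200 300
203.0.113.5 - - [10/Mar/2024:12:00:22 +0000] "GET /shop/?name=t-shirt HTTP/1.1" 200 2048
"""


def flag_line(line: str):
    """Return a finding dict if the 'name' query parameter carries an SQLi indicator, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None  # unparsable line: skip it rather than abort the scan
    # parse_qs percent-decodes and turns '+' into spaces, so encoded payloads are inspected decoded
    params = parse_qs(urlparse(m["target"]).query, keep_blank_values=True)
    for value in params.get("name", []):
        hit = SQLI_PATTERNS.search(value)
        if hit:
            return {"ip": m["ip"], "user": m["user"], "method": m["method"],
                    "name": value, "indicator": hit.group(0)}
    return None


def scan_log(text: str):
    """Scan a block of log text and return all findings in log order."""
    return [f for f in (flag_line(line) for line in text.splitlines()) if f]


if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding)
```

Request bodies of POST requests do not appear in access logs, so a 'name' parameter sent in the body is only visible to this check through WAF or application-level logging.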
🔗 References
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3051027%40woocommerce-products-filter&new=3051027%40woocommerce-products-filter&sfp_email=&sfph_mail=
- https://www.wordfence.com/threat-intel/vulnerabilities/id/fff8dfbc-fd59-47db-85bb-de2a7c6a9a5f?source=cve