CVE-2024-38795
📋 TL;DR
This SQL injection vulnerability in the ListingPro WordPress plugin allows attackers to execute arbitrary SQL commands on affected websites. All WordPress sites running ListingPro versions up to 2.9.4 are vulnerable, potentially exposing database contents including user credentials and sensitive data.
💻 Affected Systems
- WordPress ListingPro Plugin
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Complete database compromise leading to data theft, privilege escalation, remote code execution, and full website takeover.
Likely Case
Unauthenticated attackers extracting sensitive data like user credentials, personal information, and administrative access.
If Mitigated
Limited impact with proper input validation, parameterized queries, and web application firewall rules blocking SQL injection patterns.
🎯 Exploit Status
SQL injection vulnerabilities are commonly weaponized, and this unauthenticated vulnerability makes exploitation trivial for attackers.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2.9.5 or later
Vendor Advisory: https://patchstack.com/database/vulnerability/listingpro-plugin/wordpress-listingpro-plugin-2-9-3-unauthenticated-sql-injection-vulnerability?_s_id=cve
Restart Required: No
Instructions:
1. Log into WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find ListingPro plugin.
4. Click 'Update Now' if update available.
5. If no update available, download version 2.9.5+ from vendor.
6. Deactivate old plugin.
7. Upload and activate new version.
🔧 Temporary Workarounds
Web Application Firewall Rules
Implement WAF rules to block SQL injection patterns targeting ListingPro endpoints. The keyword list in the example rule is deliberately broad: words such as "select" or "update" also occur in legitimate request parameters, so run it in detection-only mode first (ModSecurity SecRuleEngine DetectionOnly) and scope it to the plugin's request paths before enforcing it.
# Example ModSecurity rule:
SecRule ARGS "(?i)(union|select|insert|update|delete|drop|--|#)" "id:1001,phase:2,deny,status:403,msg:'SQL Injection Attempt'"
Temporary Plugin Deactivation
Disable the ListingPro plugin until the patched version is installed. Confirm the installed plugin slug with wp plugin list first; the command below assumes the slug is listingpro-plugin.
wp plugin deactivate listingpro-plugin
🧯 If You Can't Patch
- Implement strict input validation and parameterized queries in custom code
- Deploy web application firewall with SQL injection protection rules
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel > Plugins > ListingPro version. If the version is 2.9.4 or earlier, the site is vulnerable.
Check Version:
wp plugin list --name=listingpro --field=version
Verify Fix Applied:
Confirm ListingPro plugin version is 2.9.5 or later in WordPress admin panel.
📡 Detection & Monitoring
Log Indicators:
- Unusual SQL error messages in web server logs
- Multiple failed login attempts from single IP
- Requests with SQL keywords in parameters
Network Indicators:
- Unusual database connection patterns
- Large data exfiltration from database server
SIEM Query:
source="web_server.log" AND ("SQL syntax" OR "union select" OR "sleep(") AND uri_path="/wp-content/plugins/listingpro/*"
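As an added example (not part of this advisory or of the ListingPro plugin itself), the Python script below applies the detection logic above to constructed access-log lines: it parses combined-format entries, keeps only requests under the plugin path used in the SIEM query, URL-decodes parameter values repeatedly so double-encoded payloads are not missed, and tags each hit with the indicator family it matched. The log lines, client IPs, the ajax.php endpoint and the listing_id parameter are constructed placeholders, not values taken from the advisory.

```python
import re
from typing import Optional
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Path prefix of the affected plugin, as used in the SIEM query above.
PLUGIN_PATH_PREFIX = "/wp-content/plugins/listingpro/"

# Indicator family -> regex evaluated against fully URL-decoded parameter values.
SQLI_INDICATORS = {
    "union_select": re.compile(r"\bunion\b.{0,64}?\bselect\b", re.I | re.S),
    "time_based": re.compile(r"\b(?:sleep|benchmark|pg_sleep)\s*\(", re.I),
    "tautology": re.compile(r"(?:'|\")\s*(?:or|and)\s+[\w'\"]+\s*=\s*[\w'\"]+", re.I),
    "comment_terminator": re.compile(r"(?:--\s|--$|/\*|#\s*$)"),
    "schema_probe": re.compile(r"\b(?:information_schema|@@version|load_file)\b", re.I),
}

# Constructed combined-format access log lines (IPs, endpoint and parameter are made up).
SAMPLE_LOG = """\
203.0.113.10 - - [10/Jun/2024:12:00:01 +0000] "GET /wp-content/plugins/listingpro/ajax.php?listing_id=42 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.11 - - [10/Jun/2024:12:00:02 +0000] "GET /wp-content/plugins/listingpro/ajax.php?listing_id=42%20UNION%20SELECT%20user_login,user_pass%20FROM%20wp_users HTTP/1.1" 500 128 "-" "curl/8.0"
203.0.113.12 - - [10/Jun/2024:12:00:03 +0000] "GET /wp-content/plugins/listingpro/ajax.php?listing_id=42%27%20AND%20SLEEP(5)--%20- HTTP/1.1" 200 512 "-" "python-requests/2.31"
203.0.113.13 - - [10/Jun/2024:12:00:04 +0000] "GET /wp-admin/post.php?post=7&action=edit HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
203.0.113.14 - - [10/Jun/2024:12:00:05 +0000] "POST /wp-content/plugins/listingpro/ajax.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.15 - - [10/Jun/2024:12:00:06 +0000] "GET /wp-content/plugins/listingpro/ajax.php?listing_id=42%2527%2520AND%2520SLEEP(1)%2523 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
"""

# Combined log format: ip ident user [time] "METHOD target PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)


def fully_decode(value: str, rounds: int = 3) -> str:
    """Undo repeated URL encoding; double-encoding is a common filter-evasion trick."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def analyze_line(line: str) -> Optional[dict]:
    """Return a finding for one log line, or None if it is out of scope or clean."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m["target"])
    if not parts.path.startswith(PLUGIN_PATH_PREFIX):
        return None  # only the vulnerable plugin's endpoints are in scope here
    indicators = set()
    # Note: POST bodies are not in access logs; cover them with WAF or application logs.
    for _name, value in parse_qsl(parts.query, keep_blank_values=True):
        decoded = fully_decode(value)
        for label, rx in SQLI_INDICATORS.items():
            if rx.search(decoded):
                indicators.add(label)
    # A server error on the plugin path is a weaker signal (e.g. "SQL syntax" errors).
    if m["status"] == "500":
        indicators.add("http_500")
    if not indicators:
        return None
    confidence = "high" if indicators - {"http_500"} else "low"
    return {
        "ip": m["ip"],
        "path": parts.path,
        "status": int(m["status"]),
        "indicators": sorted(indicators),
        "confidence": confidence,
    }


def analyze_log(text: str) -> list:
    """Run analyze_line over every line and keep the findings."""
    return [f for f in (analyze_line(line) for line in text.splitlines()) if f]


if __name__ == "__main__":
    for finding in analyze_log(SAMPLE_LOG):
        print(finding)
```

The path filter mirrors the uri_path clause of the SIEM query, and the repeated decoding in fully_decode is what catches the last sample line, whose payload is double-encoded and would slip past a single-pass keyword match.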