CVE-2024-43132
📋 TL;DR
This CVE describes an unauthenticated SQL injection vulnerability in the Docket (WooCommerce Collections / Wishlist / Watchlist) WordPress plugin by WPWeb Elite, fixed in version 1.7.0. Anyone who can reach the site can execute arbitrary SQL against the WordPress database without logging in, so every piece of data the site stores (including user password hashes) is exposed to theft or tampering. All WordPress sites running a version below 1.7.0 are affected.
💻 Affected Systems
- WPWeb Elite Docket (WooCommerce Collections / Wishlist / Watchlist) WordPress plugin
📦 What is this software?
Docket, by WPWeb Elite, is a WooCommerce extension that adds collections, wishlist and watchlist features to a WordPress store. Its plugin slug is woocommerce-collections.
⚠️ Risk & Real-World Impact
Worst Case
Complete database compromise: theft of all stored data, privilege escalation (an injected or altered administrator account), and from there remote code execution and full site takeover, since a WordPress administrator can upload arbitrary PHP via plugins or themes.
Likely Case
Database information disclosure, user data theft, and potential administrative access to the WordPress site.
If Mitigated
Reduced impact if a WAF with SQL injection rules sits in front of the site and the database account holds only the privileges WordPress needs. Note that WordPress runs every plugin's queries through one shared database account, so database permissions cannot isolate this plugin from the rest of the site; a WAF slows an attacker down but does not remove the flaw.
🎯 Exploit Status
Unauthenticated SQL injection flaws in WordPress plugins are routinely mass-scanned and weaponized, and this one requires no login. The public disclosure includes technical details that facilitate exploitation, so treat the vulnerability as exploitable today.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.7.0
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find 'Docket (WooCommerce Collections / Wishlist / Watchlist)'.
4. Click 'Update Now' if an update is available.
5. Alternatively, download version 1.7.0 or later from the WordPress repository and update manually.
🔧 Temporary Workarounds
Temporary Plugin Deactivation
Disable the vulnerable plugin until patched
wp plugin deactivate woocommerce-collections
WAF Rule Implementation
Add SQL injection blocking rules to the web application firewall. Generic SQLi rule sets catch common payloads (UNION SELECT, SLEEP(), quote-and-comment sequences), but they can be bypassed with encoding and syntax variations, so treat this as a stopgap until the plugin is updated or removed.
🧯 If You Can't Patch
- Immediately disable or remove the vulnerable plugin from production systems; unlike a WAF rule, this removes the vulnerable code entirely
- Keep the database reachable only from the web tier and segment it from the rest of the network; this does not stop injection that arrives through the application's own database connection, but it limits where an attacker can pivot after a compromise
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin → Plugins → Installed Plugins for 'Docket (WooCommerce Collections / Wishlist / Watchlist)' version lower than 1.7.0
Check Version:
wp plugin get woocommerce-collections --field=version
Verify Fix Applied:
Confirm plugin version is 1.7.0 or higher in WordPress admin panel
📡 Detection & Monitoring
Log Indicators:
- 'WordPress database error' lines in the PHP error log (wp-content/debug.log when WP_DEBUG_LOG is enabled, otherwise wherever PHP's error_log is directed); WordPress does not write these to a dedicated log by default
- Bursts of requests from a single source IP that each produce a database error or an HTTP 500 response
- Suspicious GET or POST requests to plugin endpoints carrying SQL fragments in their parameters
Network Indicators:
- SQL syntax in request parameters (UNION SELECT, SLEEP(), BENCHMARK(), quote and comment sequences), frequently URL-encoded or double-URL-encoded
- Long-running requests or spikes in query volume from the web server; time-based blind injection holds the connection open for the duration of each SLEEP()
- Requests with SQL payloads reaching the plugin's code, whether under /wp-content/plugins/woocommerce-collections/ or through the generic WordPress entry points plugins hook into (admin-ajax.php, the REST API)
SIEM Query:
source="wordpress.log" AND ("WordPress database error" OR "You have an error in your SQL syntax")
A bare match on "woocommerce-collections" fires on every page load that fetches the plugin's CSS or JavaScript, so correlate with the access log instead (Splunk-style field syntax):
source="access.log" AND (uri_path="/wp-content/plugins/woocommerce-collections/*" OR uri_path="/wp-admin/admin-ajax.php") AND (uri_query="*UNION*SELECT*" OR uri_query="*SLEEP(*" OR uri_query="*%27*" OR uri_query="*--*")
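The indicators above can be applied offline to an access log. The script below is an added example, not part of the advisory or the plugin: it parses Apache/Nginx combined-format lines, URL-decodes the request target (twice, to catch double encoding), flags requests that reach plugin-related paths with SQL injection markers, and counts hits per source IP. The log lines, the IP addresses, the AJAX action name docket_list and the ajax.php file under the plugin directory are all constructed for illustration and are not the plugin's real endpoints. Two caveats: access logs only record the query string, so POST bodies need a WAF or ModSecurity audit log instead, and the admin-ajax.php and /wp-json/ paths are included because WordPress plugins generally expose handlers there, not because this plugin's specific endpoints are known.

```python
"""Scan combined-format access logs for SQL injection attempts aimed at the
Docket (woocommerce-collections) WordPress plugin.

Added example for this advisory; not the plugin's code. Paths, action names
and addresses in SAMPLE_LOG are constructed, not observed traffic.
"""
import re
from collections import Counter
from urllib.parse import unquote_plus

# Constructed sample in Apache/Nginx "combined" log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Sep/2024:12:00:01 +0000] "GET /wp-admin/admin-ajax.php?action=docket_list&id=1%20UNION%20SELECT%20user_login%2Cuser_pass%20FROM%20wp_users-- HTTP/1.1" 200 512 "-" "python-requests/2.31"
203.0.113.7 - - [10/Sep/2024:12:00:02 +0000] "GET /wp-admin/admin-ajax.php?action=docket_list&id=1%27%20AND%20SLEEP%285%29--%20- HTTP/1.1" 200 64 "-" "python-requests/2.31"
198.51.100.4 - - [10/Sep/2024:12:00:03 +0000] "GET /wp-content/plugins/woocommerce-collections/assets/css/style.css HTTP/1.1" 200 1024 "https://shop.example/" "Mozilla/5.0"
198.51.100.4 - - [10/Sep/2024:12:00:04 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 88 "https://shop.example/product/x" "Mozilla/5.0"
192.0.2.9 - - [10/Sep/2024:12:00:05 +0000] "GET /wp-content/plugins/woocommerce-collections/ajax.php?list_id=5%29%20OR%201%3D1%23 HTTP/1.1" 500 0 "-" "curl/8.4"
198.51.100.4 - - [10/Sep/2024:12:00:06 +0000] "GET /product/union-select-t-shirt/ HTTP/1.1" 200 2048 "https://shop.example/" "Mozilla/5.0"
"""

# Combined format: ip ident user [ts] "METHOD target PROTO" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "(?P<ua>[^"]*)"$'
)

# Paths through which plugin code is reachable. The plugin directory is the
# indicator the advisory names; admin-ajax.php and the REST base are assumed
# because WordPress plugins normally register handlers there.
PLUGIN_PATHS = (
    "/wp-content/plugins/woocommerce-collections/",
    "/wp-admin/admin-ajax.php",
    "/wp-json/",
)

# Indicators matched against the URL-decoded request target.
SQLI_PATTERNS = {
    "union-select": re.compile(r"\bunion\b.{0,40}?\bselect\b", re.I | re.S),
    "time-based": re.compile(r"\b(sleep|benchmark|pg_sleep|waitfor)\s*\(", re.I),
    "tautology": re.compile(r"\b(and|or)\b\s+\d+\s*=\s*\d+", re.I),
    "quote-comment": re.compile(r"['\")]\s*(--|#|/\*)"),
    "wp-tables": re.compile(r"\b(information_schema|wp_users|user_pass)\b", re.I),
}


def decode(target: str, rounds: int = 2) -> str:
    """URL-decode up to `rounds` times so double-encoded payloads normalise too."""
    for _ in range(rounds):
        decoded = unquote_plus(target)
        if decoded == target:
            break
        target = decoded
    return target


def scan(log_text: str, only_plugin_paths: bool = True) -> list[dict]:
    """Return one record per request that carries SQL injection markers.

    With only_plugin_paths=True (the default) requests outside PLUGIN_PATHS are
    skipped, which drops product URLs such as /union-select-t-shirt/ that would
    otherwise trip the union-select pattern.
    """
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        target = m["target"]
        path = target.split("?", 1)[0]
        if only_plugin_paths and not path.startswith(PLUGIN_PATHS):
            continue
        decoded = decode(target)
        indicators = [name for name, rx in SQLI_PATTERNS.items() if rx.search(decoded)]
        if indicators:
            hits.append({
                "ip": m["ip"], "ts": m["ts"], "method": m["method"],
                "status": int(m["status"]), "path": path,
                "indicators": indicators, "decoded": decoded,
            })
    return hits


def per_source(hits: list[dict]) -> Counter:
    """Hits per client IP: repeated attempts from one address are the
    'multiple attempts from a single IP' indicator."""
    return Counter(h["ip"] for h in hits)


if __name__ == "__main__":
    found = scan(SAMPLE_LOG)
    for h in found:
        flags = ",".join(h["indicators"])
        print(f"{h['ts']} {h['ip']} {h['method']} {h['status']} {h['path']} [{flags}]")
        print("    ", h["decoded"])
    print("per source:", dict(per_source(found)))
```

Run it against a real log with `scan(open("/var/log/nginx/access.log").read())`; a 500 status on a flagged request, as on the ajax.php line in the sample, is the access-log side of the 'WordPress database error' entries described above and is worth pulling first.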