top of page

High-Severity SQL Injection Vulnerability in Floating Chat Widget WordPress Plugin (CVE-2022-3858)

CVE Image for report on CVE-2022-3858

Executive Summary

CVE-2022-3858 is a high-severity SQL injection vulnerability identified in the Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line, WeChat, Email, SMS, Call Button WordPress plugin, affecting versions prior to 3.0.3. This vulnerability allows users with administrative privileges to exploit the SQL injection flaw due to improper sanitization and escaping of a parameter used in a SQL statement. The vulnerability has a CVSS v3.1 Base Score of 7.2, indicating a high level of risk. Immediate action is required to update the affected plugin to mitigate potential exploitation.

Technical Information

CVE-2022-3858 is a critical SQL injection vulnerability that affects the Floating Chat Widget plugin for WordPress. The vulnerability arises from the plugin's failure to properly sanitize and escape a parameter before using it in a SQL statement. This flaw can be exploited by users with administrative privileges, allowing them to execute arbitrary SQL commands on the database.

The vulnerability is identified by the following details: - CVE ID: CVE-2022-3858 - Description: The plugin does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin. - CVSS v3.1 Base Score: 7.2 (High) - Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H - CWE ID: CWE-89 (SQL Injection) - OWASP Top 10: A1: Injection

The vulnerability affects versions of the Floating Chat Widget plugin up to (excluding) 3.0.3. A proof of concept (PoC) is available, demonstrating how an attacker can exploit the SQL injection flaw. The PoC URL is as follows:

https://example.com/wp-admin/admin.php?page=chaty-contact-form-feed&remove_chaty_leads=9a03751f9d&action=delete_message&paged=1&search&chaty_leads=3)+AND+(SELECT+42+FROM+(SELECT(SLEEP(5)))b)%3B--+-
To get the nonce, check the source of
https://example.com/wp-admin/admin.php?page=chaty-contact-form-feed
for
remove_chaty_leads
.

Exploitation in the Wild

As of the latest updates, there have been no confirmed reports of this vulnerability being exploited in the wild. However, the availability of a PoC increases the risk of potential exploitation. Administrators should remain vigilant and monitor their WordPress installations for any unusual activity, especially related to the

chaty-contact-form-feed
page.

APT Groups using this vulnerability

Currently, there are no specific reports of Advanced Persistent Threat (APT) groups exploiting CVE-2022-3858. However, given the high-severity nature of the vulnerability and the availability of a PoC, it is crucial to stay informed about any emerging threats and potential exploitation by APT groups.

Affected Product Versions

The vulnerability affects the following product versions: - Product: Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line, WeChat, Email, SMS, Call Button - Version: Up to (excluding) 3.0.3

Administrators using the affected versions should update to the latest version immediately to mitigate the risk of exploitation.

Workaround and Mitigation

To mitigate the risk associated with CVE-2022-3858, users should take the following actions: - Update: Users should update the Floating Chat Widget plugin to version 3.0.3 or later, where the vulnerability has been fixed. - Monitoring: Administrators should monitor their WordPress installations for any unusual activity, especially related to the

chaty-contact-form-feed
page. - Security Best Practices: Adhere to security best practices, including regular updates, strong password policies, and least privilege access controls.

References

For more detailed information on CVE-2022-3858, please refer to the following resources: - NVD: CVE-2022-3858 Detail (https://nvd.nist.gov/vuln/detail/CVE-2022-3858) - WPScan: Chaty < 3.0.3 – Admin+ SQLi (https://wpscan.com/vulnerability/d251b6c1-602b-4d72-9d6a-bf5d5ec541ec) - Original Researcher: Nguyen Duy Quoc Khanh - Submitter: Nguyen Duy Quoc Khanh (Twitter: @ndqkhanh https://twitter.com/ndqkhanh)

Rescana is here for you

At Rescana, we are committed to helping our customers navigate the complex landscape of cybersecurity threats. Our Continuous Threat and Exposure Management (CTEM) platform provides comprehensive monitoring and analysis to identify and mitigate vulnerabilities like CVE-2022-3858. If you have any questions about this report or any other issue, please do not hesitate to contact us at ops@rescana.com.

1 view0 comments

Comments


bottom of page