About the Authenticated SQL Injection Vulnerability
In short, an Authenticated SQL Injection is fixed in the latest Complianz update for both Free and Premium last week. We advice to keep your plugins updated, and read below for more information.
What happened?
We received a report of an Authenticated SQL injection vulnerability in Complianz (free version 6.3.3 & Premium version 6.3.3 – 6.3.5) on October 12th.
We immediately started validation and confirmed that improper sanitation of a translatable string made it possible for a malicious, authenticated (logged-in) translator to insert code that Complianz would execute under very specific conditions and when a specific setting was enabled (Disabled by default).
We released an update to both the Free (6.3.4) and Premium (6.3.6) versions of Complianz on Friday, October 14 that removed the vulnerability and we advice everyone to install the latest update.
Although SQL injections are a serious issue, we would like to remind you that this specific vulnerability was only exploitable in very specific circumstances with specific settings in Complianz. We have no indications that the vulnerability was exploited.
If you have any questions, please contact to our support team. We thank @saggre for the discovery and coördinated disclosure of this vulnerability, keeping our WordPress ecosystem safe.