CVE-2024-6479: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in shopitpress SIP Reviews Shortcode for WooCommerce
CVE-2024-6479 is a medium-severity SQL Injection vulnerability in the SIP Reviews Shortcode for WooCommerce WordPress plugin, affecting all versions up to and including 1.2.3. It arises from improper sanitization of the 'no_of_reviews' attribute in the woocommerce_reviews shortcode, allowing unauthenticated attackers to inject malicious SQL queries. Exploitation can lead to unauthorized extraction of sensitive database information without requiring user interaction or authentication. Although no known exploits are currently reported in the wild, the vulnerability poses a significant risk to websites using this plugin. The vulnerability impacts confidentiality but does not affect integrity or availability. Organizations using this plugin should prioritize patching or applying mitigations to prevent data leakage. Countries with high WooCommerce adoption and significant e-commerce activity are most at risk. Defenders should validate and sanitize shortcode parameters, monitor database access logs, and restrict plugin usage where possible.
AI Analysis
Technical Summary
CVE-2024-6479 is a SQL Injection vulnerability identified in the SIP Reviews Shortcode for WooCommerce plugin for WordPress, specifically in all versions up to and including 1.2.3. The vulnerability stems from improper neutralization of special elements in the 'no_of_reviews' attribute of the woocommerce_reviews shortcode. The plugin fails to sufficiently escape or prepare the SQL query that incorporates this user-supplied parameter, allowing an attacker to append arbitrary SQL commands. This flaw enables unauthenticated attackers to execute additional SQL queries within the context of the existing query, potentially extracting sensitive information from the underlying database. The vulnerability does not require user interaction and can be exploited remotely over the network. The CVSS 3.1 base score is 6.5 (medium), reflecting the network attack vector, low attack complexity, and no user interaction, but requiring low privileges (PR:L) which in WordPress context typically means a subscriber or low-level user. The impact is primarily on confidentiality, with no direct impact on integrity or availability. No patches or official fixes are currently linked, and no known exploits have been reported in the wild. The vulnerability is classified under CWE-89, indicating improper neutralization of special elements in SQL commands.
Potential Impact
The primary impact of CVE-2024-6479 is unauthorized disclosure of sensitive data stored in the WordPress database used by the vulnerable plugin. Attackers can leverage the SQL Injection flaw to extract confidential information such as user data, order details, or other sensitive e-commerce-related records. This can lead to privacy violations, regulatory non-compliance, and reputational damage for affected organizations. Since the vulnerability does not affect data integrity or availability, it does not directly enable data modification or denial of service. However, the exposure of sensitive data can facilitate further attacks such as credential theft, phishing, or targeted exploitation. Organizations running WordPress sites with WooCommerce and this plugin are at risk, especially if they have low-privilege user accounts that can trigger the vulnerable shortcode. The risk is amplified for e-commerce businesses handling payment and customer data. The lack of known exploits in the wild currently reduces immediate risk but does not eliminate the threat, as proof-of-concept exploits could emerge rapidly.
Mitigation Recommendations
1. Immediately update the SIP Reviews Shortcode for WooCommerce plugin to a patched version once available from the vendor.
2. In the absence of an official patch, disable or remove the vulnerable shortcode usage from WordPress pages and posts to prevent exploitation.
3. Implement strict input validation and sanitization on the 'no_of_reviews' attribute in the shortcode, ensuring only expected numeric values are accepted.
4. Employ Web Application Firewalls (WAFs) with SQL Injection detection rules to block malicious payloads targeting this parameter.
5. Restrict shortcode usage to trusted users with higher privileges and limit exposure to unauthenticated or low-privilege users.
6. Monitor database logs and WordPress activity logs for unusual query patterns or access attempts related to the vulnerable shortcode.
7. Conduct regular security audits and vulnerability scans focusing on WordPress plugins, especially those handling user input in SQL queries.
8. Educate site administrators on the risks of using untrusted or outdated plugins and encourage timely updates.
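As an added illustration of recommendation 3 (example code, not the plugin's own), the handler below shows the unsafe pattern CWE-89 describes next to a hardened form that coerces no_of_reviews to a bounded integer and binds it through $wpdb->prepare(). The comments table, the 'review' comment_type value, the 1..100 bound and the function names are assumptions.

```php
<?php
// Added example, not code from the SIP Reviews Shortcode plugin.
// Models a [woocommerce_reviews no_of_reviews="N"] handler.

// Hypothetical unsafe pattern: the attribute is interpolated straight into the
// LIMIT clause, so any non-integer text becomes part of the SQL statement.
function sip_example_unsafe_query( $atts ) {
    global $wpdb;
    $atts = shortcode_atts( array( 'no_of_reviews' => '5' ), $atts, 'woocommerce_reviews' );
    return "SELECT comment_ID, comment_content FROM {$wpdb->comments} "
         . "WHERE comment_type = 'review' LIMIT {$atts['no_of_reviews']}";
}

// Hardened pattern: absint() turns any non-numeric value into 0, the result is
// clamped to an assumed 1..100 range, and %d binds it as an integer so the
// attribute can never contribute SQL syntax.
function sip_example_safe_query( $atts ) {
    global $wpdb;
    $atts  = shortcode_atts( array( 'no_of_reviews' => '5' ), $atts, 'woocommerce_reviews' );
    $limit = absint( $atts['no_of_reviews'] );
    $limit = min( max( $limit, 1 ), 100 );
    return $wpdb->prepare(
        "SELECT comment_ID, comment_content FROM {$wpdb->comments} "
        . "WHERE comment_type = 'review' LIMIT %d",
        $limit
    );
}

// Render the reviews; output is escaped so the stored text cannot inject HTML.
function sip_example_render_reviews( $atts ) {
    global $wpdb;
    $rows = $wpdb->get_results( sip_example_safe_query( $atts ) );
    $out  = '<ul class="sip-reviews">';
    foreach ( (array) $rows as $row ) {
        $out .= '<li>' . esc_html( $row->comment_content ) . '</li>';
    }
    return $out . '</ul>';
}

// Hypothetical registration; the tag name mirrors the one named in the advisory.
add_shortcode( 'woocommerce_reviews', 'sip_example_render_reviews' );
```

With the hardened handler, an attribute such as no_of_reviews="3 OR 1=1" collapses to LIMIT 3, which is the behaviour a WAF rule or log review (recommendations 4 and 6) should expect to see after the fix.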
Affected Countries
United States, United Kingdom, Germany, Canada, Australia, France, Netherlands, India, Brazil, Japan
Technical Details
- Data Version: 5.1
- Assigner Short Name: Wordfence
- Date Reserved: 2024-07-03T14:29:39.608Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 699f6c04b7ef31ef0b55eff3
Added to database: 2/25/2026, 9:39:16 PM
Last enriched: 2/26/2026, 3:11:26 AM
Last updated: 2/26/2026, 8:35:06 AM