CVE-2021-24385: 
WordPress vulnerability analysis and mitigation

CVE-2021-24385 is an unauthenticated SQL injection vulnerability discovered in the FileBird WordPress plugin version 4.7.3. The vulnerability was identified on June 9, 2021, by a 10up Engineer during a routine code review and was publicly disclosed on June 16, 2021. The affected plugin, which has over 90,000 installations, allows unauthorized users to perform SQL injection attacks through unescaped user input in HTTP post requests (10up Blog, WPScan).

The vulnerability stems from SQL queries being executed without proper escaping of user input data from HTTP post requests. The REST API endpoint that invokes the affected function lacks required permissions/authentication, making it accessible to anonymous users. The vulnerability specifically involves the get_col function, where user input is passed directly without sanitization. The CVSS score for this vulnerability is 8.6 (high), and it is classified under OWASP Top 10 category A1: Injection and CWE-89 (WPScan).

This critical vulnerability allows attackers to perform Blind SQL Injection attacks, enabling them to send 'yes or no' questions to MySQL and extract sensitive information from the database even when direct browser output is not possible. The vulnerability potentially exposes user data and database contents to unauthorized access (10up Blog).

The vulnerability was patched in FileBird version 4.7.4, which was released within 36 hours of the responsible disclosure. All users running FileBird version 4.7.3 are strongly advised to upgrade immediately to version 4.7.4 or later. The vulnerability does not affect versions prior to 4.7.3 (10up Blog, WPScan).

The FileBird plugin authors responded quickly and responsibly to the disclosure, releasing a patch within 36 hours of notification. The security community, including WPScan and 10up, collaborated effectively on the responsible disclosure process (10up Blog).