Blind Sql Injection in WordPress SEO plugin by Yoast <=

Blind Sql Injection in WordPress SEO plugin by Yoast <=

What is Blind SQL Injection? How does it differ from normal SQL injection?

To know what Blind SQL injection is. Let we first understand what normal SQL injection is. In normal SQL injection hackers depend on error messages returned from a database on a web page to find vulnerable databases.

What if the error message is turn off?

The hacker can still execute SQL queries in URL and hack vulnerable database and get access to confidential information. This method we call it Blind SQL Injection. Though this method is slower and difficult, it is not impossible.

Blind SQL Injection Example:

Let us assume that URL is used to retrieve information about a user with id 5 from the database. The SQL query for this could look like this “SELECT * from user where id=’5 ‘“. The hacker can inject simple Boolean expressions into URL say. OR 1=1 The SQL query for this could be “SELECT * from user where id=’5’ OR 1=1 “ If the server accepts and executes this query then it means that this website is vulnerable to SQL injection. Executing this query will return all rows from the table “user” since 1=1 is always true. By this way, a hacker can easily gain access to the user table.

Blind SQL Injection in WordPress SEO plugin:

Blind SQL injection has been recently discovering in one of the most popular SEO plugin – WordPress SEO Plugin by Yoast. More than one million websites use WordPress SEO Plugin. Wp Scan Vulnerability database ( has responsibly disclosed the vulnerability to Plugin’s author. “The orderby and order GET parameters are not sufficiently sanitized before being used within a SQL query” In order to fix this issue all the websites using WordPress SEO Plugin <= are advised to upgrade to the latest version as this issue has been addressed and fixed. the vulnerability and its fix.

How to Prevent Blind SQL Injection?

The best way to prevent blind SQL injection is using prepared statements or parameterized SQL statements where the query is parsed only once and executed multiple times. sql injuction Learn more about PHP prepared statement

Prevent SQL injection using .htaccess in WordPress

Below are the set of rules that will prevent most dangerous WordPress SQL injection attacks. query

How to identify Vulnerable Websites?

One of the most common ways to identify vulnerable websites is by using Google Dorks. Google’s “inurl” command is to find vulnerable words in the URL. You can find the list of google dorks here. Here at Pattronize we strictly follow Data Sanitization methods to develop highly secure WordPress themes and plugins. Your website is safe with us.

Author: Nowsath

Stop putting everyone else first. Put yourself first. And go for it.

Industry experience with 5+ years and
trusted by 220+ customers in 18+ countries

View Completed Projects

Get A Perfect Quote!

We're eager to work with you. Please share your project goals along with contact information. We will contact you within in 24 hours on business days. Really!