Warning

There are many false positives and unexploitable findings in this output. Please build a working proof-of-concept ("PoC") before reporting anything to the vendor!

Details:

Sink fake_wpdb::insert
Risk _POST
/social-booster/admin/class-rx-sb-ajax.php:19 (show/hide source)
1  <?php
2  if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly
3  /**
4   * The admin-specific Ajax files.
5   *
6   * @link       http://rextheme.com/
7   * @since      1.0.0
8   *
9   * @package    Rx_Sb
10   * @subpackage Rx_Sb/admin
11   */
12  
13  class Rx_Sb_Ajax {
14  
15    /*
16     * Post from plugin post
17     */
18    function rx_sb_post() {
19 $postid = sanitize_text_field($_POST['postid']);
20 $post_status = get_post_status($postid); 21 if ($post_status != 'publish') {
Threat level 2

Callstack:

Rx_Sb_Network::save_shared_posts /social-booster/admin/networks/abstract-class-rx-sb-network.php:59 (show/hide source)
39       */
40      public function sb_register_date() {
41          $date = date('Y-m-d',strtotime('now'));
42          return $date;
43      }
44  
45  
46      public function save_shared_posts($post_id, $profile_id, $network_id, $data_array, $published_date, $share_type = 'instant', $success = true, $error = '') {
47          global $wpdb;
48          $table = $wpdb->prefix . 'sb_shared_posts';
49          $wpdb->insert(
50              $table,
51              array(
52                  'post_id' => $post_id,
53                  'published_date' => $published_date,
54                  'post_meta' => serialize($data_array),
55                  'profile_id' => $profile_id,
56                  'network_id' => $network_id,
57                  'share_type' => $share_type,
58                  'success' => $success,
59 'error_msg' => $error,
60 ) 61 );
Rx_Sb_Facebook::sb_send_feed_to_facebook /social-booster/admin/networks/facebook/class-rx-sb-facebook.php:285 (show/hide source)
265          }
266          if (empty($link)) {
267              unset($data_array['link']);
268          }
269          $ch = curl_init();
270          curl_setopt($ch, CURLOPT_URL,'https://graph.facebook.com/'.$platform_id.'/feed');
271          curl_setopt($ch, CURLOPT_POST, 1);
272          curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data_array));
273          curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
274          $server_output = curl_exec($ch);
275          $error = false;
276          if (curl_error($ch)) {
277              $error = true;
278          }
279          curl_close ($ch);
280          $published_date = $this->sb_register_date();
281          if($error) {
282              $this->save_shared_posts($post_id, $network_id, $id, $data_array, $published_date, $share_type, false, 'Post was not published');
283              return true;
284          }
285 $this->save_shared_posts($post_id, $network_id, $id, $data_array, $published_date, $share_type, true, '');
286 return true; 287 }
Rx_Sb_Ajax::rx_sb_post /social-booster/admin/class-rx-sb-ajax.php:41 (show/hide source)
21      if ($post_status != 'publish') {
22        wp_send_json_error('<p>This post is not published yet.</p>');
23      }
24      $message = "";
25      $message = $_POST['message'];
26      $media = $_POST['media'];
27      $post_permalink = get_permalink($postid);
28      // $networks_tabs = SOCIAL_BOOSTER_NETWORKS;
29      // var_dump($networks_tabs);
30      // die();
31      $facebook = new Rx_Sb_Facebook();
32      $twitter = new Rx_Sb_Twitter();
33      $tumblr = new Rx_Sb_Tumblr();
34      global $wpdb;
35      $Network_table = $wpdb->prefix . 'sb_networks';
36      $data =   $wpdb->get_results("SELECT *FROM $Network_table  ");
37      foreach ($data as $info) {
38        if (!in_array($info->id, $media)) {
39          if ($info->auth_status == 'active' && $info->auth_con == 'active') {
40            if ($info->network == 'facebook') {
41 $data_post = $facebook->sb_send_feed_to_facebook($postid, $info->profile_id, $info->id, $message, $post_permalink);
42 } 43 if ($info->network == 'twitter') {