admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-04-12 15:00:43 +00:00
parent 9a47fa3d2d
commit 1ff1b692b1
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
17 changed files with 993 additions and 862 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2019/17xxx/CVE-2019-17656.json
View File

@ -76,7 +76,7 @@
"description_data": [
{
"lang": "eng",
"value": "A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated remote attacker to crash the service by sending a malformed PUT request to the server. Fortinet is not aware of any successful exploitation of this vulnerability that would lead to code execution."
"value": "A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated remote attacker to crash the service by sending a malformed PUT request to the server. Fortinet is not aware of any successful exploitation of this vulnerability that would lead to code execution."
}
]
}

5
2020/15xxx/CVE-2020-15942.json
View File

@ -64,6 +64,11 @@
"refsource": "CONFIRM",
"name": "https://fortiguard.com/advisory/FG-IR-20-076",
"url": "https://fortiguard.com/advisory/FG-IR-20-076"
},
{
"refsource": "CONFIRM",
"name": "https://www.fortiguard.com/psirt/FG-IR-20-076",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-076"
}
]
},

90
2021/22xxx/CVE-2021-22190.json
View File

@ -4,15 +4,97 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22190",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@gitlab.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "GitLab",
"product": {
"product_data": [
{
"product_name": "GitLab",
"version": {
"version_data": [
{
"version_value": ">=13.7, <13.7.8"
},
{
"version_value": ">=13.8, <13.8.5"
},
{
"version_value": ">=13.9, <13.9.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper handling of url encoding (hex encoding) in GitLab"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gitlab.com/gitlab-org/gitlab/-/issues/300281",
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/300281",
"refsource": "MISC"
},
{
"name": "https://hackerone.com/reports/1040786",
"url": "https://hackerone.com/reports/1040786",
"refsource": "MISC"
},
{
"name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22190.json",
"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22190.json",
"refsource": "CONFIRM"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A path traversal vulnerability via the GitLab Workhorse in all versions of GitLab could result in the leakage of a JWT token"
}
]
}
},
"impact": {
"cvss": {
"vectorString": "AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"version": "3.1",
"baseScore": 8.5,
"baseSeverity": "HIGH"
}
},
"credit": [
{
"lang": "eng",
"value": "Thanks ledz1996 for reporting this vulnerability through our HackerOne bug bounty program"
}
]
}

6
2021/23xxx/CVE-2021-23358.json
View File

@ -51,7 +51,7 @@
"description": [
{
"lang": "eng",
"value": "Arbitrary Code Injection"
"value": " Arbitrary Code Injection"
}
]
}
@ -100,7 +100,7 @@
"description_data": [
{
"lang": "eng",
"value": "The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Execution via the template function, particularly when a variable property is passed as an argument as it is not sanitized."
"value": "The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized."
}
]
},
@ -126,4 +126,4 @@
"value": "Alessio Della Libera (@d3lla)"
}
]
}
}

2
2021/24xxx/CVE-2021-24024.json
View File

@ -71,7 +71,7 @@
"description_data": [
{
"lang": "eng",
"value": "A clear text storage of sensitive information into log file vulnerability in FortiADCManager 5.3.0 and below, 5.2.1 and below and FortiADC 5.3.7 and below may allow a remote authenticated attacker to read other local users' password in log files."
"value": "A clear text storage of sensitive information into log file vulnerability in FortiADCManager 5.3.0 and below, 5.2.1 and below and FortiADC 5.3.7 and below may allow a remote authenticated attacker to read other local users' password in log files."
}
]
}

154
2021/24xxx/CVE-2021-24197.json
View File

@ -1,85 +1,85 @@
{
"CVE_data_meta": {
"ID": "CVE-2021-24197",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "wpDataTables < 3.4.2 - Improper Access Control leading to Table Permission Takeover"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "wpDataTables",
"product": {
"product_data": [
{
"product_name": "wpDataTables Tables & Table Charts",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.4.2",
"version_value": "3.4.2"
"CVE_data_meta": {
"ID": "CVE-2021-24197",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "wpDataTables < 3.4.2 - Improper Access Control leading to Table Permission Takeover"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "wpDataTables",
"product": {
"product_data": [
{
"product_name": "wpDataTables \u2013 Tables & Table Charts",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.4.2",
"version_value": "3.4.2"
}
]
}
}
]
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wpDataTables Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to access the data of another user that are present in the same table by taking over the user permissions on the table through formdata[wdt_ID] parameter. By exploiting this issue an attacker is able to access and manage the data of all users in the same table."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/a56c04a4-dda0-4a7f-a525-d0349a1fda2b",
"name": "https://wpscan.com/vulnerability/a56c04a4-dda0-4a7f-a525-d0349a1fda2b"
},
{
"refsource": "MISC",
"url": "https://n4nj0.github.io/advisories/wordpress-plugin-wpdatatables-ii/",
"name": "https://n4nj0.github.io/advisories/wordpress-plugin-wpdatatables-ii/"
},
{
"refsource": "MISC",
"url": "https://wpdatatables.com/help/whats-new-changelog/",
"name": "https://wpdatatables.com/help/whats-new-changelog/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wpDataTables \u2013 Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to access the data of another user that are present in the same table by taking over the user permissions on the table through formdata[wdt_ID] parameter. By exploiting this issue an attacker is able to access and manage the data of all users in the same table."
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Veno Eivazian, Massimiliano Ferraresi"
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpdatatables.com/help/whats-new-changelog/",
"name": "https://wpdatatables.com/help/whats-new-changelog/"
},
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/a56c04a4-dda0-4a7f-a525-d0349a1fda2b",
"name": "https://wpscan.com/vulnerability/a56c04a4-dda0-4a7f-a525-d0349a1fda2b"
},
{
"refsource": "MISC",
"url": "https://n4nj0.github.io/advisories/wordpress-plugin-wpdatatables-ii/",
"name": "https://n4nj0.github.io/advisories/wordpress-plugin-wpdatatables-ii/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Veno Eivazian, Massimiliano Ferraresi"
}
],
"source": {
"discovery": "UNKNOWN"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

154
2021/24xxx/CVE-2021-24198.json
View File

@ -1,85 +1,85 @@
{
"CVE_data_meta": {
"ID": "CVE-2021-24198",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "wpDataTables < 3.4.2 - Improper Access Control leading to Table Data Deletion"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "wpDataTables",
"product": {
"product_data": [
{
"product_name": "wpDataTables Tables & Table Charts",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.4.2",
"version_value": "3.4.2"
"CVE_data_meta": {
"ID": "CVE-2021-24198",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "wpDataTables < 3.4.2 - Improper Access Control leading to Table Data Deletion"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "wpDataTables",
"product": {
"product_data": [
{
"product_name": "wpDataTables \u2013 Tables & Table Charts",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.4.2",
"version_value": "3.4.2"
}
]
}
}
]
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wpDataTables Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to delete the data of another user that are present in the same table through id_key and id_val parameters. By exploiting this issue an attacker is able to delete the data of all users in the same table."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/d953bc62-8a6f-445b-a556-bc25cdd200e3",
"name": "https://wpscan.com/vulnerability/d953bc62-8a6f-445b-a556-bc25cdd200e3"
},
{
"refsource": "MISC",
"url": "https://n4nj0.github.io/advisories/wordpress-plugin-wpdatatables-ii/",
"name": "https://n4nj0.github.io/advisories/wordpress-plugin-wpdatatables-ii/"
},
{
"refsource": "MISC",
"url": "https://wpdatatables.com/help/whats-new-changelog/",
"name": "https://wpdatatables.com/help/whats-new-changelog/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wpDataTables \u2013 Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to delete the data of another user that are present in the same table through id_key and id_val parameters. By exploiting this issue an attacker is able to delete the data of all users in the same table."
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Veno Eivazian, Massimiliano Ferraresi"
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpdatatables.com/help/whats-new-changelog/",
"name": "https://wpdatatables.com/help/whats-new-changelog/"
},
{
"refsource": "MISC",
"url": "https://n4nj0.github.io/advisories/wordpress-plugin-wpdatatables-ii/",
"name": "https://n4nj0.github.io/advisories/wordpress-plugin-wpdatatables-ii/"
},
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/d953bc62-8a6f-445b-a556-bc25cdd200e3",
"name": "https://wpscan.com/vulnerability/d953bc62-8a6f-445b-a556-bc25cdd200e3"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Veno Eivazian, Massimiliano Ferraresi"
}
],
"source": {
"discovery": "UNKNOWN"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

154
2021/24xxx/CVE-2021-24199.json
View File

@ -1,85 +1,85 @@
{
"CVE_data_meta": {
"ID": "CVE-2021-24199",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "wpDataTables < 3.4.2 - Blind SQL Injection via start Parameter"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "wpDataTables",
"product": {
"product_data": [
{
"product_name": "wpDataTables Tables & Table Charts",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.4.2",
"version_value": "3.4.2"
"CVE_data_meta": {
"ID": "CVE-2021-24199",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "wpDataTables < 3.4.2 - Blind SQL Injection via start Parameter"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "wpDataTables",
"product": {
"product_data": [
{
"product_name": "wpDataTables \u2013 Tables & Table Charts",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.4.2",
"version_value": "3.4.2"
}
]
}
}
]
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wpDataTables Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, on the 'start' HTTP POST parameter. This allows an attacker to access all the data in the database and obtain access to the WordPress application."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/5c98c2d6-d002-4cff-9d6f-633cb3ec6280",
"name": "https://wpscan.com/vulnerability/5c98c2d6-d002-4cff-9d6f-633cb3ec6280"
},
{
"refsource": "MISC",
"url": "https://n4nj0.github.io/advisories/wordpress-plugin-wpdatatables-ii/",
"name": "https://n4nj0.github.io/advisories/wordpress-plugin-wpdatatables-ii/"
},
{
"refsource": "MISC",
"url": "https://wpdatatables.com/help/whats-new-changelog/",
"name": "https://wpdatatables.com/help/whats-new-changelog/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wpDataTables \u2013 Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, on the 'start' HTTP POST parameter. This allows an attacker to access all the data in the database and obtain access to the WordPress application."
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Veno Eivazian, Massimiliano Ferraresi"
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpdatatables.com/help/whats-new-changelog/",
"name": "https://wpdatatables.com/help/whats-new-changelog/"
},
{
"refsource": "MISC",
"url": "https://n4nj0.github.io/advisories/wordpress-plugin-wpdatatables-ii/",
"name": "https://n4nj0.github.io/advisories/wordpress-plugin-wpdatatables-ii/"
},
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/5c98c2d6-d002-4cff-9d6f-633cb3ec6280",
"name": "https://wpscan.com/vulnerability/5c98c2d6-d002-4cff-9d6f-633cb3ec6280"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Veno Eivazian, Massimiliano Ferraresi"
}
],
"source": {
"discovery": "UNKNOWN"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

154
2021/24xxx/CVE-2021-24200.json
View File

@ -1,85 +1,85 @@
{
"CVE_data_meta": {
"ID": "CVE-2021-24200",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "wpDataTables < 3.4.2 - Blind SQL Injection via length Parameter"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "wpDataTables",
"product": {
"product_data": [
{
"product_name": "wpDataTables Tables & Table Charts",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.4.2",
"version_value": "3.4.2"
"CVE_data_meta": {
"ID": "CVE-2021-24200",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "wpDataTables < 3.4.2 - Blind SQL Injection via length Parameter"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "wpDataTables",
"product": {
"product_data": [
{
"product_name": "wpDataTables \u2013 Tables & Table Charts",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.4.2",
"version_value": "3.4.2"
}
]
}
}
]
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wpDataTables Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, on the 'length' HTTP POST parameter. This allows an attacker to access all the data in the database and obtain access to the WordPress application."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/21aa7e18-0162-45bf-a5c6-ceee64ffa1f9",
"name": "https://wpscan.com/vulnerability/21aa7e18-0162-45bf-a5c6-ceee64ffa1f9"
},
{
"refsource": "MISC",
"url": "https://n4nj0.github.io/advisories/wordpress-plugin-wpdatatables-ii/",
"name": "https://n4nj0.github.io/advisories/wordpress-plugin-wpdatatables-ii/"
},
{
"refsource": "MISC",
"url": "https://wpdatatables.com/help/whats-new-changelog/",
"name": "https://wpdatatables.com/help/whats-new-changelog/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wpDataTables \u2013 Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, on the 'length' HTTP POST parameter. This allows an attacker to access all the data in the database and obtain access to the WordPress application."
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Veno Eivazian, Massimiliano Ferraresi"
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpdatatables.com/help/whats-new-changelog/",
"name": "https://wpdatatables.com/help/whats-new-changelog/"
},
{
"refsource": "MISC",
"url": "https://n4nj0.github.io/advisories/wordpress-plugin-wpdatatables-ii/",
"name": "https://n4nj0.github.io/advisories/wordpress-plugin-wpdatatables-ii/"
},
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/21aa7e18-0162-45bf-a5c6-ceee64ffa1f9",
"name": "https://wpscan.com/vulnerability/21aa7e18-0162-45bf-a5c6-ceee64ffa1f9"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Veno Eivazian, Massimiliano Ferraresi"
}
],
"source": {
"discovery": "UNKNOWN"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

154
2021/24xxx/CVE-2021-24218.json
View File

@ -1,85 +1,85 @@
{
"CVE_data_meta": {
"ID": "CVE-2021-24218",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Facebook for WordPress 3.0.0-3.0.3 - CSRF to Stored XSS and Settings Deletion"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Facebook for WordPress",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_name": "3.0.0",
"version_value": "3.0.0"
},
{
"version_affected": "<",
"version_name": "3.0.4",
"version_value": "3.0.4"
"CVE_data_meta": {
"ID": "CVE-2021-24218",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Facebook for WordPress 3.0.0-3.0.3 - CSRF to Stored XSS and Settings Deletion"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Facebook for WordPress",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_name": "3.0.0",
"version_value": "3.0.0"
},
{
"version_affected": "<",
"version_name": "3.0.4",
"version_value": "3.0.4"
}
]
}
}
]
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wp_ajax_save_fbe_settings and wp_ajax_delete_fbe_settings AJAX actions of the Facebook for WordPress plugin before 3.0.4 were vulnerable to CSRF due to a lack of nonce protection. The settings in the saveFbeSettings function had no sanitization allowing for script tags to be saved."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/169d21fc-d191-46ff-82e8-9ac887aed8a4",
"name": "https://wpscan.com/vulnerability/169d21fc-d191-46ff-82e8-9ac887aed8a4"
},
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/03/two-vulnerabilities-patched-in-facebook-for-wordpress-plugin/",
"name": "https://www.wordfence.com/blog/2021/03/two-vulnerabilities-patched-in-facebook-for-wordpress-plugin/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "eng"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wp_ajax_save_fbe_settings and wp_ajax_delete_fbe_settings AJAX actions of the Facebook for WordPress plugin before 3.0.4 were vulnerable to CSRF due to a lack of nonce protection. The settings in the saveFbeSettings function had no sanitization allowing for script tags to be saved."
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Chloe Chamberland"
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/03/two-vulnerabilities-patched-in-facebook-for-wordpress-plugin/",
"name": "https://www.wordfence.com/blog/2021/03/two-vulnerabilities-patched-in-facebook-for-wordpress-plugin/"
},
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/169d21fc-d191-46ff-82e8-9ac887aed8a4",
"name": "https://wpscan.com/vulnerability/169d21fc-d191-46ff-82e8-9ac887aed8a4"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Chloe Chamberland"
}
],
"source": {
"discovery": "UNKNOWN"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

350
2021/24xxx/CVE-2021-24220.json
View File

@ -1,182 +1,182 @@
{
"CVE_data_meta": {
"ID": "CVE-2021-24220",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "All Thrive Themes Legacy Themes < 2.0.0 - Unauthenticated Arbitrary File Upload and Option Deletion"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Thrive Themes",
"product": {
"product_data": [
{
"product_name": "Rise by Thrive Themes",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0.0",
"version_value": "2.0.0"
"CVE_data_meta": {
"ID": "CVE-2021-24220",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "All Thrive Themes Legacy Themes < 2.0.0 - Unauthenticated Arbitrary File Upload and Option Deletion"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Thrive Themes",
"product": {
"product_data": [
{
"product_name": "Rise by Thrive Themes",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0.0",
"version_value": "2.0.0"
}
]
}
},
{
"product_name": "Luxe by Thrive Themes",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0.0",
"version_value": "2.0.0"
}
]
}
},
{
"product_name": "Minus by Thrive Themes",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0.0",
"version_value": "2.0.0"
}
]
}
},
{
"product_name": "Ignition by Thrive Themes",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0.0",
"version_value": "2.0.0"
}
]
}
},
{
"product_name": "FocusBlog by Thrive Themes",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0.0",
"version_value": "2.0.0"
}
]
}
},
{
"product_name": "Squared by Thrive Themes",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0.0",
"version_value": "2.0.0"
}
]
}
},
{
"product_name": "Voice",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0.0",
"version_value": "2.0.0"
}
]
}
},
{
"product_name": "Performag by Thrive Themes",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0.0",
"version_value": "2.0.0"
}
]
}
},
{
"product_name": "Pressive by Thrive Themes",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0.0",
"version_value": "2.0.0"
}
]
}
},
{
"product_name": "Storied by Thrive Themes",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0.0",
"version_value": "2.0.0"
}
]
}
}
]
}
]
}
},
{
"product_name": "Luxe by Thrive Themes",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0.0",
"version_value": "2.0.0"
}
]
}
},
{
"product_name": "Minus by Thrive Themes",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0.0",
"version_value": "2.0.0"
}
]
}
},
{
"product_name": "Ignition by Thrive Themes",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0.0",
"version_value": "2.0.0"
}
]
}
},
{
"product_name": "FocusBlog by Thrive Themes",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0.0",
"version_value": "2.0.0"
}
]
}
},
{
"product_name": "Squared by Thrive Themes",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0.0",
"version_value": "2.0.0"
}
]
}
},
{
"product_name": "Voice",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0.0",
"version_value": "2.0.0"
}
]
}
},
{
"product_name": "Performag by Thrive Themes",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0.0",
"version_value": "2.0.0"
}
]
}
},
{
"product_name": "Pressive by Thrive Themes",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0.0",
"version_value": "2.0.0"
}
]
}
},
{
"product_name": "Storied by Thrive Themes",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0.0",
"version_value": "2.0.0"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Thrive “Legacy” Rise by Thrive Themes WordPress theme before 2.0.0, Luxe by Thrive Themes WordPress theme before 2.0.0, Minus by Thrive Themes WordPress theme before 2.0.0, Ignition by Thrive Themes WordPress theme before 2.0.0, FocusBlog by Thrive Themes WordPress theme before 2.0.0, Squared by Thrive Themes WordPress theme before 2.0.0, Voice WordPress theme before 2.0.0, Performag by Thrive Themes WordPress theme before 2.0.0, Pressive by Thrive Themes WordPress theme before 2.0.0, Storied by Thrive Themes WordPress theme before 2.0.0 register a REST API endpoint to compress images using the Kraken image optimization engine. By supplying a crafted request in combination with data inserted using the Option Update vulnerability, it was possible to use this endpoint to retrieve malicious code from a remote URL and overwrite an existing file on the site with it or create a new file.This includes executable PHP files that contain malicious code."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/a2424354-2639-4f53-a24f-afc11f6c4cac",
"name": "https://wpscan.com/vulnerability/a2424354-2639-4f53-a24f-afc11f6c4cac"
},
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/03/recently-patched-vulnerability-in-thrive-themes-actively-exploited-in-the-wild",
"name": "https://www.wordfence.com/blog/2021/03/recently-patched-vulnerability-in-thrive-themes-actively-exploited-in-the-wild"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "eng"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Thrive \u201cLegacy\u201d Rise by Thrive Themes WordPress theme before 2.0.0, Luxe by Thrive Themes WordPress theme before 2.0.0, Minus by Thrive Themes WordPress theme before 2.0.0, Ignition by Thrive Themes WordPress theme before 2.0.0, FocusBlog by Thrive Themes WordPress theme before 2.0.0, Squared by Thrive Themes WordPress theme before 2.0.0, Voice WordPress theme before 2.0.0, Performag by Thrive Themes WordPress theme before 2.0.0, Pressive by Thrive Themes WordPress theme before 2.0.0, Storied by Thrive Themes WordPress theme before 2.0.0 register a REST API endpoint to compress images using the Kraken image optimization engine. By supplying a crafted request in combination with data inserted using the Option Update vulnerability, it was possible to use this endpoint to retrieve malicious code from a remote URL and overwrite an existing file on the site with it or create a new file.This includes executable PHP files that contain malicious code."
}
]
}
]
},
"source": {
"discovery": "UNKNOWN"
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/03/recently-patched-vulnerability-in-thrive-themes-actively-exploited-in-the-wild",
"name": "https://www.wordfence.com/blog/2021/03/recently-patched-vulnerability-in-thrive-themes-actively-exploited-in-the-wild"
},
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/a2424354-2639-4f53-a24f-afc11f6c4cac",
"name": "https://wpscan.com/vulnerability/a2424354-2639-4f53-a24f-afc11f6c4cac"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "eng"
}
]
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

144
2021/24xxx/CVE-2021-24228.json
View File

@ -1,80 +1,80 @@
{
"CVE_data_meta": {
"ID": "CVE-2021-24228",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Patreon WordPress < 1.7.2 - Reflected XSS on Login Form"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Patreon WordPress",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.7.2",
"version_value": "1.7.2"
"CVE_data_meta": {
"ID": "CVE-2021-24228",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Patreon WordPress < 1.7.2 - Reflected XSS on Login Form"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Patreon WordPress",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.7.2",
"version_value": "1.7.2"
}
]
}
}
]
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Jetpack Scan team identified a Reflected Cross-Site Scripting in the Login Form of the Patreon WordPress plugin before 1.7.2. The WordPress login form (wp-login.php) is hooked by the plugin and offers to allow users to authenticate on the site using their Patreon account. Unfortunately, some of the error logging logic behind the scene allowed user-controlled input to be reflected on the login page, unsanitized."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/7a5fadb1-3f1c-4779-8ff6-356fccb5269b",
"name": "https://wpscan.com/vulnerability/7a5fadb1-3f1c-4779-8ff6-356fccb5269b"
},
{
"refsource": "MISC",
"url": "https://jetpack.com/2021/03/26/vulnerabilities-found-in-patreon-wordpress-plugin/",
"name": "https://jetpack.com/2021/03/26/vulnerabilities-found-in-patreon-wordpress-plugin/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Jetpack Scan team identified a Reflected Cross-Site Scripting in the Login Form of the Patreon WordPress plugin before 1.7.2. The WordPress login form (wp-login.php) is hooked by the plugin and offers to allow users to authenticate on the site using their Patreon account. Unfortunately, some of the error logging logic behind the scene allowed user-controlled input to be reflected on the login page, unsanitized."
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "George Stephanis, Fioravante Souza, Miguel Neto, Benedict Singer and Marc Montpas"
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://jetpack.com/2021/03/26/vulnerabilities-found-in-patreon-wordpress-plugin/",
"name": "https://jetpack.com/2021/03/26/vulnerabilities-found-in-patreon-wordpress-plugin/"
},
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/7a5fadb1-3f1c-4779-8ff6-356fccb5269b",
"name": "https://wpscan.com/vulnerability/7a5fadb1-3f1c-4779-8ff6-356fccb5269b"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "George Stephanis, Fioravante Souza, Miguel Neto, Benedict Singer and Marc Montpas"
}
],
"source": {
"discovery": "UNKNOWN"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

144
2021/24xxx/CVE-2021-24229.json
View File

@ -1,80 +1,80 @@
{
"CVE_data_meta": {
"ID": "CVE-2021-24229",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Patreon WordPress < 1.7.2 - Reflected XSS on patreon_save_attachment_patreon_level AJAX action"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Patreon WordPress",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.7.2",
"version_value": "1.7.2"
"CVE_data_meta": {
"ID": "CVE-2021-24229",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Patreon WordPress < 1.7.2 - Reflected XSS on patreon_save_attachment_patreon_level AJAX action"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Patreon WordPress",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.7.2",
"version_value": "1.7.2"
}
]
}
}
]
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Jetpack Scan team identified a Reflected Cross-Site Scripting via the patreon_save_attachment_patreon_level AJAX action of the Patreon WordPress plugin before 1.7.2. This AJAX hook is used to update the pledge level required by Patreon subscribers to access a given attachment. This action is accessible for user accounts with the manage_options privilege (i.e.., only administrators). Unfortunately, one of the parameters used in this AJAX endpoint is not sanitized before being printed back to the user, so the risk it represents is the same as the previous XSS vulnerability."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/001755c4-add3-4566-a022-ab1f83546c1f",
"name": "https://wpscan.com/vulnerability/001755c4-add3-4566-a022-ab1f83546c1f"
},
{
"refsource": "MISC",
"url": "https://jetpack.com/2021/03/26/vulnerabilities-found-in-patreon-wordpress-plugin/",
"name": "https://jetpack.com/2021/03/26/vulnerabilities-found-in-patreon-wordpress-plugin/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Jetpack Scan team identified a Reflected Cross-Site Scripting via the patreon_save_attachment_patreon_level AJAX action of the Patreon WordPress plugin before 1.7.2. This AJAX hook is used to update the pledge level required by Patreon subscribers to access a given attachment. This action is accessible for user accounts with the \u2018manage_options\u2019 privilege (i.e.., only administrators). Unfortunately, one of the parameters used in this AJAX endpoint is not sanitized before being printed back to the user, so the risk it represents is the same as the previous XSS vulnerability."
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "George Stephanis, Fioravante Souza, Miguel Neto, Benedict Singer and Marc Montpas"
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://jetpack.com/2021/03/26/vulnerabilities-found-in-patreon-wordpress-plugin/",
"name": "https://jetpack.com/2021/03/26/vulnerabilities-found-in-patreon-wordpress-plugin/"
},
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/001755c4-add3-4566-a022-ab1f83546c1f",
"name": "https://wpscan.com/vulnerability/001755c4-add3-4566-a022-ab1f83546c1f"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "George Stephanis, Fioravante Souza, Miguel Neto, Benedict Singer and Marc Montpas"
}
],
"source": {
"discovery": "UNKNOWN"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

144
2021/24xxx/CVE-2021-24230.json
View File

@ -1,80 +1,80 @@
{
"CVE_data_meta": {
"ID": "CVE-2021-24230",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Patreon WordPress < 1.7.0 - CSRF to Overwrite/Create User Meta"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Patreon WordPress",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.7.0",
"version_value": "1.7.0"
"CVE_data_meta": {
"ID": "CVE-2021-24230",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Patreon WordPress < 1.7.0 - CSRF to Overwrite/Create User Meta"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Patreon WordPress",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.7.0",
"version_value": "1.7.0"
}
]
}
}
]
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Jetpack Scan team identified a Cross-Site Request Forgery vulnerability in the Patreon WordPress plugin before 1.7.0, allowing attackers to make a logged in user overwrite or create arbitrary user metadata on the victims account once visited. If exploited, this bug can be used to overwrite the “wp_capabilities” meta, which contains the affected user accounts roles and privileges. Doing this would essentially lock them out of the site, blocking them from accessing paid content."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/2deefa2d-3043-42e5-afef-a42c37703531",
"name": "https://wpscan.com/vulnerability/2deefa2d-3043-42e5-afef-a42c37703531"
},
{
"refsource": "MISC",
"url": "https://jetpack.com/2021/03/26/vulnerabilities-found-in-patreon-wordpress-plugin/",
"name": "https://jetpack.com/2021/03/26/vulnerabilities-found-in-patreon-wordpress-plugin/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Jetpack Scan team identified a Cross-Site Request Forgery vulnerability in the Patreon WordPress plugin before 1.7.0, allowing attackers to make a logged in user overwrite or create arbitrary user metadata on the victim\u2019s account once visited. If exploited, this bug can be used to overwrite the \u201cwp_capabilities\u201d meta, which contains the affected user account\u2019s roles and privileges. Doing this would essentially lock them out of the site, blocking them from accessing paid content."
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "George Stephanis, Fioravante Souza, Miguel Neto, Benedict Singer and Marc Montpas"
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://jetpack.com/2021/03/26/vulnerabilities-found-in-patreon-wordpress-plugin/",
"name": "https://jetpack.com/2021/03/26/vulnerabilities-found-in-patreon-wordpress-plugin/"
},
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/2deefa2d-3043-42e5-afef-a42c37703531",
"name": "https://wpscan.com/vulnerability/2deefa2d-3043-42e5-afef-a42c37703531"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "George Stephanis, Fioravante Souza, Miguel Neto, Benedict Singer and Marc Montpas"
}
],
"source": {
"discovery": "UNKNOWN"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

144
2021/24xxx/CVE-2021-24231.json
View File

@ -1,80 +1,80 @@
{
"CVE_data_meta": {
"ID": "CVE-2021-24231",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Patreon WordPress < 1.7.0 - CSRF to Disconnect Sites From Patreon"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Patreon WordPress",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.7.0",
"version_value": "1.7.0"
"CVE_data_meta": {
"ID": "CVE-2021-24231",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Patreon WordPress < 1.7.0 - CSRF to Disconnect Sites From Patreon"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Patreon WordPress",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.7.0",
"version_value": "1.7.0"
}
]
}
}
]
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Jetpack Scan team identified a Cross-Site Request Forgery vulnerability in the Patreon WordPress plugin before 1.7.0, allowing attackers to make a logged administrator disconnect the site from Patreon by visiting a specially crafted link."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/f8ab6855-a319-47ac-82fb-58b181e77500",
"name": "https://wpscan.com/vulnerability/f8ab6855-a319-47ac-82fb-58b181e77500"
},
{
"refsource": "MISC",
"url": "https://jetpack.com/2021/03/26/vulnerabilities-found-in-patreon-wordpress-plugin/",
"name": "https://jetpack.com/2021/03/26/vulnerabilities-found-in-patreon-wordpress-plugin/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Jetpack Scan team identified a Cross-Site Request Forgery vulnerability in the Patreon WordPress plugin before 1.7.0, allowing attackers to make a logged administrator disconnect the site from Patreon by visiting a specially crafted link."
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "George Stephanis, Fioravante Souza, Miguel Neto, Benedict Singer and Marc Montpas"
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://jetpack.com/2021/03/26/vulnerabilities-found-in-patreon-wordpress-plugin/",
"name": "https://jetpack.com/2021/03/26/vulnerabilities-found-in-patreon-wordpress-plugin/"
},
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/f8ab6855-a319-47ac-82fb-58b181e77500",
"name": "https://wpscan.com/vulnerability/f8ab6855-a319-47ac-82fb-58b181e77500"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "George Stephanis, Fioravante Souza, Miguel Neto, Benedict Singer and Marc Montpas"
}
],
"source": {
"discovery": "UNKNOWN"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

50
2021/27xxx/CVE-2021-27486.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-27486",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "FATEK Automation WinProladder",
"version": {
"version_data": [
{
"version_value": "WinProladder Versions 3.30 and prior"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "INTEGER UNDERFLOW (WRAP OR WRAPAROUND) CWE-191"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-098-01",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-098-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Fatek Automation WinProladder Versions 3.3 and prior are vulnerable to an integer underflow, which may cause an out-of-bounds write and allow an attacker to execute arbitrary code."
}
]
}

4
2021/3xxx/CVE-2021-3465.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2021-3465",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}