admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 03:02:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-07-04 09:00:36 +00:00
parent 0743eb8985
commit 2dbc320556
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
17 changed files with 1321 additions and 1150 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

147
2022/0xxx/CVE-2022-0450.json
View File

@ -1,75 +1,80 @@
{
"CVE_data_meta": {
"ID": "CVE-2022-0450",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Menu Image, Icons made easy < 3.0.8 - Subscriber+ Stored Cross-Site Scripting"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Menu Image, Icons made easy",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.0.8",
"version_value": "3.0.8"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Menu Image, Icons made easy WordPress plugin before 3.0.8 does not have authorisation and CSRF checks when saving menu settings, and does not validate, sanitise and escape them. As a result, any authenticate users, such as subscriber can update the settings or arbitrary menu and put Cross-Site Scripting payloads in them which will be triggered in the related menu in the frontend"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/612f9273-acc8-4be6-b372-33f1e687f54a",
"name": "https://wpscan.com/vulnerability/612f9273-acc8-4be6-b372-33f1e687f54a"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-0450",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Menu Image, Icons made easy WordPress plugin before 3.0.6 does not have authorisation and CSRF checks when saving menu settings, and does not validate, sanitise and escape them. As a result, any authenticate users, such as subscriber can update the settings or arbitrary menu and put Cross-Site Scripting payloads in them which will be triggered in the related menu in the frontend"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-116 Improper Encoding or Escaping of Output"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Menu Image, Icons made easy",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "3.0.6"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/612f9273-acc8-4be6-b372-33f1e687f54a",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/612f9273-acc8-4be6-b372-33f1e687f54a"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Krzysztof Zaj\u0105c"
},
{
"lang": "en",
"value": "WPScan"
}
]
},
"credit": [
{
"lang": "eng",
"value": "Krzysztof Zając"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

157
2022/0xxx/CVE-2022-0634.json
View File

@ -1,75 +1,88 @@
{
"CVE_data_meta": {
"ID": "CVE-2022-0634",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "ThirstyAffiliates < 3.10.5 - Subscriber+ unauthorized image upload + CSRF"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "ThirstyAffiliates Affiliate Link Manager",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.10.5",
"version_value": "3.10.5"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 lacks authorization checks in the ta_insert_external_image action, allowing a low-privilege user (with a role as low as Subscriber) to add an image from an external URL to an affiliate link. Further the plugin lacks csrf checks, allowing an attacker to trick a logged in user to perform the action by crafting a special request."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/7e11aeb0-b231-407d-86ec-9018c2c7eee3",
"name": "https://wpscan.com/vulnerability/7e11aeb0-b231-407d-86ec-9018c2c7eee3"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-862 Missing Authorization",
"lang": "eng"
}
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-0634",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 lacks authorization checks in the ta_insert_external_image action, allowing a low-privilege user (with a role as low as Subscriber) to add an image from an external URL to an affiliate link. Further the plugin lacks csrf checks, allowing an attacker to trick a logged in user to perform the action by crafting a special request."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "ThirstyAffiliates Affiliate Link Manager",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "3.10.5"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/7e11aeb0-b231-407d-86ec-9018c2c7eee3",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/7e11aeb0-b231-407d-86ec-9018c2c7eee3"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Muhamad Hidayat"
},
{
"lang": "en",
"value": "WPScan"
}
]
},
"credit": [
{
"lang": "eng",
"value": "Muhamad Hidayat"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}

155
2022/0xxx/CVE-2022-0952.json
View File

@ -1,75 +1,88 @@
{
"CVE_data_meta": {
"ID": "CVE-2022-0952",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Sitemap by click5 < 1.0.36 - Unauthenticated Arbitrary Options Update"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Sitemap by click5",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.36",
"version_value": "1.0.36"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Sitemap by click5 WordPress plugin before 1.0.36 does not have authorisation and CSRF checks when updating options via a REST endpoint, and does not ensure that the option to be updated belongs to the plugin. As a result, unauthenticated attackers could change arbitrary blog options, such as the users_can_register and default_role, allowing them to create a new admin account and take over the blog."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/0f694961-afab-44f9-846c-e80a0f6c768b",
"name": "https://wpscan.com/vulnerability/0f694961-afab-44f9-846c-e80a0f6c768b"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-862 Missing Authorization",
"lang": "eng"
}
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-0952",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Sitemap by click5 WordPress plugin before 1.0.36 does not have authorisation and CSRF checks when updating options via a REST endpoint, and does not ensure that the option to be updated belongs to the plugin. As a result, unauthenticated attackers could change arbitrary blog options, such as the users_can_register and default_role, allowing them to create a new admin account and take over the blog."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Sitemap by click5",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "1.0.36"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/0f694961-afab-44f9-846c-e80a0f6c768b",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/0f694961-afab-44f9-846c-e80a0f6c768b"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "cydave"
},
{
"lang": "en",
"value": "WPScan"
}
]
},
"credit": [
{
"lang": "eng",
"value": "cydave"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

155
2022/1xxx/CVE-2022-1092.json
View File

@ -1,75 +1,88 @@
{
"CVE_data_meta": {
"ID": "CVE-2022-1092",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "myCred < 2.4.4 - Subscriber+ Import/Export to Email Address Disclosure"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "myCred Points, Rewards, Gamification, Ranks, Badges & Loyalty Plugin",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.4.4",
"version_value": "2.4.4"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The myCred WordPress plugin before 2.4.4 does not have authorisation and CSRF checks in its mycred-tools-import-export AJAX action, allowing any authenticated user to call and and retrieve the list of email address present in the blog"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/95759d5c-8802-4493-b7e5-7f2bc546af61",
"name": "https://wpscan.com/vulnerability/95759d5c-8802-4493-b7e5-7f2bc546af61"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-862 Missing Authorization",
"lang": "eng"
}
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-1092",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The myCred WordPress plugin before 2.4.3.1 does not have authorisation and CSRF checks in its mycred-tools-import-export AJAX action, allowing any authenticated user to call and and retrieve the list of email address present in the blog"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "myCred",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "2.4.3.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/95759d5c-8802-4493-b7e5-7f2bc546af61",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/95759d5c-8802-4493-b7e5-7f2bc546af61"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "David Hamann"
},
{
"lang": "en",
"value": "WPScan"
}
]
},
"credit": [
{
"lang": "eng",
"value": "David Hamann"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

86
2022/1xxx/CVE-2022-1203.json
View File

@ -1,14 +1,40 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-1203",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Content Mask < 1.8.4.1 - Subscriber+ Arbitrary Options Update"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Content Mask WordPress plugin before 1.8.4.1 does not have authorisation and CSRF checks in various AJAX actions, as well as does not validate the option to be updated to ensure it belongs to the plugin. As a result, any authenticated user, such as subscriber could modify arbitrary blog options"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
@ -22,7 +48,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "1.8.4.1",
"version_name": "0",
"version_value": "1.8.4.1"
}
]
@ -34,47 +60,29 @@
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Content Mask WordPress plugin before 1.8.4.1 does not have authorisation and CSRF checks in various AJAX actions, as well as does not validate the option to be updated to ensure it belongs to the plugin. As a result, any authenticated user, such as subscriber could modify arbitrary blog options"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/3c9969e5-ca8e-4e5d-a482-c6b5c4257820",
"name": "https://wpscan.com/vulnerability/3c9969e5-ca8e-4e5d-a482-c6b5c4257820"
},
{
"refsource": "MISC",
"name": "https://www.pluginvulnerabilities.com/2021/05/28/our-proactive-monitoring-caught-an-authenticated-option-update-vulnerability-in-content-mask/",
"url": "https://www.pluginvulnerabilities.com/2021/05/28/our-proactive-monitoring-caught-an-authenticated-option-update-vulnerability-in-content-mask/"
"name": "https://wpscan.com/vulnerability/3c9969e5-ca8e-4e5d-a482-c6b5c4257820"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-862 Missing Authorization",
"lang": "eng"
}
]
}
]
"generator": {
"engine": "WPScan CVE Generator"
},
"credit": [
{
"lang": "eng",
"value": "ptsfence"
}
],
"source": {
"discovery": "EXTERNAL"
}
},
"credits": [
{
"lang": "en",
"value": "ptsfence"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

73
2022/1xxx/CVE-2022-1323.json
View File

@ -1,14 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-1323",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Discy < 5.0 - Subscriber+ Broken Access Control to change settings"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Discy WordPress theme before 5.0 lacks authorization checks then processing ajax requests to the discy_update_options action, allowing any logged in users (with privileges as low as Subscriber,) to change Theme options by sending a crafted POST request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization"
}
]
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
@ -22,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "5.0",
"version_name": "0",
"version_value": "5.0"
}
]
@ -34,42 +52,29 @@
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Discy WordPress theme before 5.0 lacks authorization checks then processing ajax requests to the discy_update_options action, allowing any logged in users (with privileges as low as Subscriber,) to change Theme options by sending a crafted POST request."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/2d8020e1-6489-4555-9956-2dc190aaa61b",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/2d8020e1-6489-4555-9956-2dc190aaa61b"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
]
}
]
"generator": {
"engine": "WPScan CVE Generator"
},
"credit": [
{
"lang": "eng",
"value": "Veshraj Ghimire"
}
],
"source": {
"discovery": "EXTERNAL"
}
},
"credits": [
{
"lang": "en",
"value": "Veshraj Ghimire"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

157
2022/1xxx/CVE-2022-1570.json
View File

@ -1,75 +1,88 @@
{
"CVE_data_meta": {
"ID": "CVE-2022-1570",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Files Download Delay < 1.0.7 - Subscriber+ Settings Reset"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Files Download Delay",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.7",
"version_value": "1.0.7"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Files Download Delay WordPress plugin before 1.0.7 does not have authorisation and CSRF checks when reseting its settings, which could allow any authenticated users, such as subscriber to perform such action."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/c0257564-48ee-4d02-865f-82c8b5e793c9",
"name": "https://wpscan.com/vulnerability/c0257564-48ee-4d02-865f-82c8b5e793c9"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-862 Missing Authorization",
"lang": "eng"
}
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-1570",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Files Download Delay WordPress plugin before 1.0.7 does not have authorisation and CSRF checks when reseting its settings, which could allow any authenticated users, such as subscriber to perform such action."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Files Download Delay",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "1.0.7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/c0257564-48ee-4d02-865f-82c8b5e793c9",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/c0257564-48ee-4d02-865f-82c8b5e793c9"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Daniel Ruf"
},
{
"lang": "en",
"value": "WPScan"
}
]
},
"credit": [
{
"lang": "eng",
"value": "Daniel Ruf"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}

164
2022/1xxx/CVE-2022-1572.json
View File

@ -1,75 +1,97 @@
{
"CVE_data_meta": {
"ID": "CVE-2022-1572",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "HTML2WP <= 1.0.0 - Subscriber+ Arbitrary File Deletion"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "HTML2WP",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "1.0.0",
"version_value": "1.0.0"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HTML2WP WordPress plugin through 1.0.0 does not have authorisation and CSRF checks in an AJAX action, available to any authenticated users such as subscriber, which could allow them to delete arbitrary file"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/9afd1805-d449-4551-986a-f92cb47c95c5",
"name": "https://wpscan.com/vulnerability/9afd1805-d449-4551-986a-f92cb47c95c5"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-862 Missing Authorization",
"lang": "eng"
}
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-1572",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HTML2WP WordPress plugin through 1.0.0 does not have authorisation and CSRF checks in an AJAX action, available to any authenticated users such as subscriber, which could allow them to delete arbitrary file"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "HTML2WP",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThanOrEqual": "1.0.0"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/9afd1805-d449-4551-986a-f92cb47c95c5",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/9afd1805-d449-4551-986a-f92cb47c95c5"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Daniel Ruf"
},
{
"lang": "en",
"value": "WPScan"
}
]
},
"credit": [
{
"lang": "eng",
"value": "Daniel Ruf"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

164
2022/1xxx/CVE-2022-1574.json
View File

@ -1,75 +1,97 @@
{
"CVE_data_meta": {
"ID": "CVE-2022-1574",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "HTML2WP <= 1.0.0 - Unauthenticated Arbitrary File Upload"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "HTML2WP",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "1.0.0",
"version_value": "1.0.0"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HTML2WP WordPress plugin through 1.0.0 does not have authorisation and CSRF checks when importing files, and does not validate them, as a result, unauthenticated attackers can upload arbitrary files (such as PHP) on the remote server"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/c36d0ea8-bf5c-4af9-bd3d-911eb02adc14",
"name": "https://wpscan.com/vulnerability/c36d0ea8-bf5c-4af9-bd3d-911eb02adc14"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "eng"
}
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-1574",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HTML2WP WordPress plugin through 1.0.0 does not have authorisation and CSRF checks when importing files, and does not validate them, as a result, unauthenticated attackers can upload arbitrary files (such as PHP) on the remote server"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "HTML2WP",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThanOrEqual": "1.0.0"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/c36d0ea8-bf5c-4af9-bd3d-911eb02adc14",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/c36d0ea8-bf5c-4af9-bd3d-911eb02adc14"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Daniel Ruf"
},
{
"lang": "en",
"value": "WPScan"
}
]
},
"credit": [
{
"lang": "eng",
"value": "Daniel Ruf"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

155
2022/1xxx/CVE-2022-1589.json
View File

@ -1,75 +1,88 @@
{
"CVE_data_meta": {
"ID": "CVE-2022-1589",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Change wp-admin Login < 1.1.0 - Unauthenticated Arbitrary Settings Update"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Change wp-admin login",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.1.0",
"version_value": "1.1.0"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Change wp-admin login WordPress plugin before 1.1.0 does not properly check for authorisation and is also missing CSRF check when updating its settings, which could allow unauthenticated users to change the settings. The attacked could also be performed via a CSRF vector"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/257f9e14-4f43-4852-8384-80c15d087633",
"name": "https://wpscan.com/vulnerability/257f9e14-4f43-4852-8384-80c15d087633"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-863 Incorrect Authorization",
"lang": "eng"
}
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-1589",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Change wp-admin login WordPress plugin before 1.1.0 does not properly check for authorisation and is also missing CSRF check when updating its settings, which could allow unauthenticated users to change the settings. The attacked could also be performed via a CSRF vector"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863 Incorrect Authorization"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Change wp-admin login",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "1.1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/257f9e14-4f43-4852-8384-80c15d087633",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/257f9e14-4f43-4852-8384-80c15d087633"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Daniel Ruf"
},
{
"lang": "en",
"value": "WPScan"
}
]
},
"credit": [
{
"lang": "eng",
"value": "Daniel Ruf"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

149
2022/1xxx/CVE-2022-1598.json
View File

@ -1,75 +1,80 @@
{
"CVE_data_meta": {
"ID": "CVE-2022-1598",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "WPQA < 5.5 - Unauthenticated Private Message Disclosure"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WPQA Builder",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5.4",
"version_value": "5.4"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WPQA Builder WordPress plugin before 5.4 which is a companion to the Discy and Himer , lacks authentication in a REST API endpoint, allowing unauthenticated users to discover private questions sent between users on the site."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/0416ae2f-5670-4080-a88d-3484bb19d8c8",
"name": "https://wpscan.com/vulnerability/0416ae2f-5670-4080-a88d-3484bb19d8c8"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-1598",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WPQA Builder WordPress plugin before 5.5 which is a companion to the Discy and Himer , lacks authentication in a REST API endpoint, allowing unauthenticated users to discover private questions sent between users on the site."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-306 Missing Authentication for Critical Function"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WPQA Builder",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "5.5"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/0416ae2f-5670-4080-a88d-3484bb19d8c8",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/0416ae2f-5670-4080-a88d-3484bb19d8c8"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Veshraj Ghimire"
},
{
"lang": "en",
"value": "WPScan"
}
]
},
"credit": [
{
"lang": "eng",
"value": "Veshraj Ghimire"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}

159
2022/2xxx/CVE-2022-2034.json
View File

@ -1,80 +1,85 @@
{
"CVE_data_meta": {
"ID": "CVE-2022-2034",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Sensei LMS < 4.5.0 - Unauthenticated Private Messages Disclosure via Rest API"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Sensei LMS Online Courses, Quizzes, & Learning",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.5.0",
"version_value": "4.5.0"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/aba3dd58-7a8e-4129-add5-4dd5972c0426",
"name": "https://wpscan.com/vulnerability/aba3dd58-7a8e-4129-add5-4dd5972c0426"
},
{
"refsource": "MISC",
"url": "https://hackerone.com/reports/1590237",
"name": "https://hackerone.com/reports/1590237"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-862 Missing Authorization",
"lang": "eng"
}
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-2034",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-639 Authorization Bypass Through User-Controlled Key"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Sensei LMS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "4.5.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/aba3dd58-7a8e-4129-add5-4dd5972c0426",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/aba3dd58-7a8e-4129-add5-4dd5972c0426"
},
{
"url": "https://hackerone.com/reports/1590237",
"refsource": "MISC",
"name": "https://hackerone.com/reports/1590237"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Veshraj Ghimire"
},
{
"lang": "en",
"value": "WPScan"
}
]
},
"credit": [
{
"lang": "eng",
"value": "Veshraj Ghimire"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}

149
2022/2xxx/CVE-2022-2099.json
View File

@ -1,75 +1,80 @@
{
"CVE_data_meta": {
"ID": "CVE-2022-2099",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "WooCommerce < 6.6.0 - Admin+ Stored HTML Injection"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WooCommerce",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.6.0",
"version_value": "6.6.0"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WooCommerce WordPress plugin before 6.6.0 is vulnerable to stored HTML injection due to lack of escaping and sanitizing in the payment gateway titles"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/0316e5f3-3302-40e3-8ff4-be3423a3be7b",
"name": "https://wpscan.com/vulnerability/0316e5f3-3302-40e3-8ff4-be3423a3be7b"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-94 Improper Control of Generation of Code ('Code Injection')",
"lang": "eng"
}
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-2099",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WooCommerce WordPress plugin before 6.6.0 is vulnerable to stored HTML injection due to lack of escaping and sanitizing in the payment gateway titles"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-116 Improper Encoding or Escaping of Output"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WooCommerce",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "6.6.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/0316e5f3-3302-40e3-8ff4-be3423a3be7b",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/0316e5f3-3302-40e3-8ff4-be3423a3be7b"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Taurus Omar"
},
{
"lang": "en",
"value": "WPScan"
}
]
},
"credit": [
{
"lang": "eng",
"value": "Taurus Omar"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}

156
2022/2xxx/CVE-2022-2146.json
View File

@ -1,75 +1,89 @@
{
"CVE_data_meta": {
"ID": "CVE-2022-2146",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Import CSV Files <= 1.0 - Reflected Cross-Site Scripting"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Import CSV Files",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "1.0",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Import CSV Files WordPress plugin through 1.0 does not sanitise and escaped imported data before outputting them back in a page, and is lacking CSRF check when performing such action as well, resulting in a Reflected Cross-Site Scripting"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/adc1d752-331e-44af-b5dc-b463d56c2cb4",
"name": "https://wpscan.com/vulnerability/adc1d752-331e-44af-b5dc-b463d56c2cb4"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-2146",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Import CSV Files WordPress plugin through 1.0 does not sanitise and escaped imported data before outputting them back in a page, and is lacking CSRF check when performing such action as well, resulting in a Reflected Cross-Site Scripting"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Import CSV Files",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThanOrEqual": "1.0"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/adc1d752-331e-44af-b5dc-b463d56c2cb4",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/adc1d752-331e-44af-b5dc-b463d56c2cb4"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Benachi"
},
{
"lang": "en",
"value": "WPScan"
}
]
},
"credit": [
{
"lang": "eng",
"value": "Benachi"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

149
2022/2xxx/CVE-2022-2241.json
View File

@ -1,75 +1,80 @@
{
"CVE_data_meta": {
"ID": "CVE-2022-2241",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Featured Image from URL < 4.0.0 - Arbitrary Settings Update to Stored XSS via CSRF"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Featured Image from URL (FIFU)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.0.0",
"version_value": "4.0.0"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Featured Image from URL (FIFU) WordPress plugin before 4.0.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack. Furthermore, due to the lack of validation, sanitisation and escaping in some of them, it could also lead to Stored XSS issues"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/8670d196-972b-491b-8d9b-25994a345f57",
"name": "https://wpscan.com/vulnerability/8670d196-972b-491b-8d9b-25994a345f57"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "eng"
}
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-2241",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Featured Image from URL (FIFU) WordPress plugin before 4.0.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack. Furthermore, due to the lack of validation, sanitisation and escaping in some of them, it could also lead to Stored XSS issues"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-116 Improper Encoding or Escaping of Output"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Featured Image from URL (FIFU)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "4.0.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/8670d196-972b-491b-8d9b-25994a345f57",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/8670d196-972b-491b-8d9b-25994a345f57"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Raad Haddad of Cloudyrion GmbH"
},
{
"lang": "en",
"value": "WPScan"
}
]
},
"credit": [
{
"lang": "eng",
"value": "Raad Haddad"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}

147
2022/2xxx/CVE-2022-2354.json
View File

@ -1,75 +1,80 @@
{
"CVE_data_meta": {
"ID": "CVE-2022-2354",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "WP-DBManager < 2.80.8 - Admin+ Remote Command Execution"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WP-DBManager",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.80.8",
"version_value": "2.80.8"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WP-DBManager WordPress plugin before 2.80.8 does not prevent administrators from running arbitrary commands on the server in multisite installations, where only super-administrators should."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/1c8c5861-ce87-4813-9e26-470d63c1903a",
"name": "https://wpscan.com/vulnerability/1c8c5861-ce87-4813-9e26-470d63c1903a"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-94 Improper Control of Generation of Code ('Code Injection')",
"lang": "eng"
}
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-2354",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WP-DBManager WordPress plugin before 2.80.8 does not prevent administrators from running arbitrary commands on the server in multisite installations, where only super-administrators should."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863 Incorrect Authorization"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WP-DBManager",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "2.80.8"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/1c8c5861-ce87-4813-9e26-470d63c1903a",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/1c8c5861-ce87-4813-9e26-470d63c1903a"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Raad Haddad of Cloudyrion GmbH"
},
{
"lang": "en",
"value": "WPScan"
}
]
},
"credit": [
{
"lang": "eng",
"value": "Raad Haddad"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

149
2022/2xxx/CVE-2022-2370.json
View File

@ -1,75 +1,80 @@
{
"CVE_data_meta": {
"ID": "CVE-2022-2370",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "YaySMTP < 2.2.1 - Subscriber+ SMTP Credentials Leak"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "YaySMTP Simple WP SMTP Mail",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.2.1",
"version_value": "2.2.1"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The YaySMTP WordPress plugin before 2.2.1 does not have capability check before displaying the Mailer Credentials in JS code for the settings, allowing any authenticated users, such as subscriber to retrieve them"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/bedda2a9-6c52-478e-b17a-7a4488419334",
"name": "https://wpscan.com/vulnerability/bedda2a9-6c52-478e-b17a-7a4488419334"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-668 Exposure of Resource to Wrong Sphere",
"lang": "eng"
}
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-2370",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The YaySMTP WordPress plugin before 2.2.1 does not have capability check before displaying the Mailer Credentials in JS code for the settings, allowing any authenticated users, such as subscriber to retrieve them"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "YaySMTP",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "2.2.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/bedda2a9-6c52-478e-b17a-7a4488419334",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/bedda2a9-6c52-478e-b17a-7a4488419334"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Rafshanzani Suhada"
},
{
"lang": "en",
"value": "WPScan"
}
]
},
"credit": [
{
"lang": "eng",
"value": "Rafshanzani Suhada"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}