admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-07-04 09:00:36 +00:00
parent 0743eb8985
commit 2dbc320556
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
17 changed files with 1321 additions and 1150 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

73
2022/0xxx/CVE-2022-0450.json
View File

@ -1,14 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-0450",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Menu Image, Icons made easy < 3.0.8 - Subscriber+ Stored Cross-Site Scripting"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Menu Image, Icons made easy WordPress plugin before 3.0.6 does not have authorisation and CSRF checks when saving menu settings, and does not validate, sanitise and escape them. As a result, any authenticate users, such as subscriber can update the settings or arbitrary menu and put Cross-Site Scripting payloads in them which will be triggered in the related menu in the frontend"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-116 Improper Encoding or Escaping of Output"
}
]
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
@ -22,8 +40,8 @@
"version_data": [
{
"version_affected": "<",
"version_name": "3.0.8",
"version_value": "3.0.8"
"version_name": "0",
"version_value": "3.0.6"
}
]
}
@ -34,42 +52,29 @@
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Menu Image, Icons made easy WordPress plugin before 3.0.8 does not have authorisation and CSRF checks when saving menu settings, and does not validate, sanitise and escape them. As a result, any authenticate users, such as subscriber can update the settings or arbitrary menu and put Cross-Site Scripting payloads in them which will be triggered in the related menu in the frontend"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/612f9273-acc8-4be6-b372-33f1e687f54a",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/612f9273-acc8-4be6-b372-33f1e687f54a"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
"generator": {
"engine": "WPScan CVE Generator"
},
"credit": [
{
"lang": "eng",
"value": "Krzysztof Zając"
}
],
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Krzysztof Zaj\u0105c"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

79
2022/0xxx/CVE-2022-0634.json
View File

@ -1,14 +1,40 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-0634",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "ThirstyAffiliates < 3.10.5 - Subscriber+ unauthorized image upload + CSRF"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 lacks authorization checks in the ta_insert_external_image action, allowing a low-privilege user (with a role as low as Subscriber) to add an image from an external URL to an affiliate link. Further the plugin lacks csrf checks, allowing an attacker to trick a logged in user to perform the action by crafting a special request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
@ -22,7 +48,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "3.10.5",
"version_name": "0",
"version_value": "3.10.5"
}
]
@ -34,42 +60,29 @@
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 lacks authorization checks in the ta_insert_external_image action, allowing a low-privilege user (with a role as low as Subscriber) to add an image from an external URL to an affiliate link. Further the plugin lacks csrf checks, allowing an attacker to trick a logged in user to perform the action by crafting a special request."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/7e11aeb0-b231-407d-86ec-9018c2c7eee3",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/7e11aeb0-b231-407d-86ec-9018c2c7eee3"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-862 Missing Authorization",
"lang": "eng"
}
]
}
]
"generator": {
"engine": "WPScan CVE Generator"
},
"credit": [
{
"lang": "eng",
"value": "Muhamad Hidayat"
}
],
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Muhamad Hidayat"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

79
2022/0xxx/CVE-2022-0952.json
View File

@ -1,14 +1,40 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-0952",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Sitemap by click5 < 1.0.36 - Unauthenticated Arbitrary Options Update"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Sitemap by click5 WordPress plugin before 1.0.36 does not have authorisation and CSRF checks when updating options via a REST endpoint, and does not ensure that the option to be updated belongs to the plugin. As a result, unauthenticated attackers could change arbitrary blog options, such as the users_can_register and default_role, allowing them to create a new admin account and take over the blog."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
@ -22,7 +48,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.36",
"version_name": "0",
"version_value": "1.0.36"
}
]
@ -34,42 +60,29 @@
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Sitemap by click5 WordPress plugin before 1.0.36 does not have authorisation and CSRF checks when updating options via a REST endpoint, and does not ensure that the option to be updated belongs to the plugin. As a result, unauthenticated attackers could change arbitrary blog options, such as the users_can_register and default_role, allowing them to create a new admin account and take over the blog."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/0f694961-afab-44f9-846c-e80a0f6c768b",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/0f694961-afab-44f9-846c-e80a0f6c768b"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-862 Missing Authorization",
"lang": "eng"
}
]
}
]
"generator": {
"engine": "WPScan CVE Generator"
},
"credit": [
{
"lang": "eng",
"value": "cydave"
}
],
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "cydave"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

107
2022/1xxx/CVE-2022-1092.json
View File

@ -1,53 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-1092",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "myCred < 2.4.4 - Subscriber+ Import/Export to Email Address Disclosure"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "myCred Points, Rewards, Gamification, Ranks, Badges & Loyalty Plugin",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.4.4",
"version_value": "2.4.4"
}
]
}
}
]
}
}
]
}
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The myCred WordPress plugin before 2.4.4 does not have authorisation and CSRF checks in its mycred-tools-import-export AJAX action, allowing any authenticated user to call and and retrieve the list of email address present in the blog"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/95759d5c-8802-4493-b7e5-7f2bc546af61",
"name": "https://wpscan.com/vulnerability/95759d5c-8802-4493-b7e5-7f2bc546af61"
"value": "The myCred WordPress plugin before 2.4.3.1 does not have authorisation and CSRF checks in its mycred-tools-import-export AJAX action, allowing any authenticated user to call and and retrieve the list of email address present in the blog"
}
]
},
@ -56,20 +20,69 @@
{
"description": [
{
"value": "CWE-862 Missing Authorization",
"lang": "eng"
"lang": "eng",
"value": "CWE-862 Missing Authorization"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"credit": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "David Hamann"
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "myCred",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "2.4.3.1"
}
],
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/95759d5c-8802-4493-b7e5-7f2bc546af61",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/95759d5c-8802-4493-b7e5-7f2bc546af61"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "David Hamann"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

84
2022/1xxx/CVE-2022-1203.json
View File

@ -1,14 +1,40 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-1203",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Content Mask < 1.8.4.1 - Subscriber+ Arbitrary Options Update"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Content Mask WordPress plugin before 1.8.4.1 does not have authorisation and CSRF checks in various AJAX actions, as well as does not validate the option to be updated to ensure it belongs to the plugin. As a result, any authenticated user, such as subscriber could modify arbitrary blog options"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
@ -22,7 +48,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "1.8.4.1",
"version_name": "0",
"version_value": "1.8.4.1"
}
]
@ -34,47 +60,29 @@
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Content Mask WordPress plugin before 1.8.4.1 does not have authorisation and CSRF checks in various AJAX actions, as well as does not validate the option to be updated to ensure it belongs to the plugin. As a result, any authenticated user, such as subscriber could modify arbitrary blog options"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/3c9969e5-ca8e-4e5d-a482-c6b5c4257820",
"name": "https://wpscan.com/vulnerability/3c9969e5-ca8e-4e5d-a482-c6b5c4257820"
},
{
"refsource": "MISC",
"name": "https://www.pluginvulnerabilities.com/2021/05/28/our-proactive-monitoring-caught-an-authenticated-option-update-vulnerability-in-content-mask/",
"url": "https://www.pluginvulnerabilities.com/2021/05/28/our-proactive-monitoring-caught-an-authenticated-option-update-vulnerability-in-content-mask/"
"name": "https://wpscan.com/vulnerability/3c9969e5-ca8e-4e5d-a482-c6b5c4257820"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-862 Missing Authorization",
"lang": "eng"
}
]
}
]
"generator": {
"engine": "WPScan CVE Generator"
},
"credit": [
{
"lang": "eng",
"value": "ptsfence"
}
],
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "ptsfence"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

71
2022/1xxx/CVE-2022-1323.json
View File

@ -1,14 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-1323",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Discy < 5.0 - Subscriber+ Broken Access Control to change settings"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Discy WordPress theme before 5.0 lacks authorization checks then processing ajax requests to the discy_update_options action, allowing any logged in users (with privileges as low as Subscriber,) to change Theme options by sending a crafted POST request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization"
}
]
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
@ -22,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "5.0",
"version_name": "0",
"version_value": "5.0"
}
]
@ -34,42 +52,29 @@
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Discy WordPress theme before 5.0 lacks authorization checks then processing ajax requests to the discy_update_options action, allowing any logged in users (with privileges as low as Subscriber,) to change Theme options by sending a crafted POST request."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/2d8020e1-6489-4555-9956-2dc190aaa61b",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/2d8020e1-6489-4555-9956-2dc190aaa61b"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
]
}
]
"generator": {
"engine": "WPScan CVE Generator"
},
"credit": [
{
"lang": "eng",
"value": "Veshraj Ghimire"
}
],
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Veshraj Ghimire"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

79
2022/1xxx/CVE-2022-1570.json
View File

@ -1,14 +1,40 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-1570",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Files Download Delay < 1.0.7 - Subscriber+ Settings Reset"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Files Download Delay WordPress plugin before 1.0.7 does not have authorisation and CSRF checks when reseting its settings, which could allow any authenticated users, such as subscriber to perform such action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
@ -22,7 +48,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.7",
"version_name": "0",
"version_value": "1.0.7"
}
]
@ -34,42 +60,29 @@
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Files Download Delay WordPress plugin before 1.0.7 does not have authorisation and CSRF checks when reseting its settings, which could allow any authenticated users, such as subscriber to perform such action."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/c0257564-48ee-4d02-865f-82c8b5e793c9",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/c0257564-48ee-4d02-865f-82c8b5e793c9"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-862 Missing Authorization",
"lang": "eng"
}
]
}
]
"generator": {
"engine": "WPScan CVE Generator"
},
"credit": [
{
"lang": "eng",
"value": "Daniel Ruf"
}
],
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Daniel Ruf"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

104
2022/1xxx/CVE-2022-1572.json
View File

@ -1,14 +1,40 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-1572",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "HTML2WP <= 1.0.0 - Subscriber+ Arbitrary File Deletion"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HTML2WP WordPress plugin through 1.0.0 does not have authorisation and CSRF checks in an AJAX action, available to any authenticated users such as subscriber, which could allow them to delete arbitrary file"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
@ -21,55 +47,51 @@
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "1.0.0",
"version_value": "1.0.0"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lang": "eng",
"value": "The HTML2WP WordPress plugin through 1.0.0 does not have authorisation and CSRF checks in an AJAX action, available to any authenticated users such as subscriber, which could allow them to delete arbitrary file"
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThanOrEqual": "1.0.0"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/9afd1805-d449-4551-986a-f92cb47c95c5",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/9afd1805-d449-4551-986a-f92cb47c95c5"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-862 Missing Authorization",
"lang": "eng"
}
]
}
]
"generator": {
"engine": "WPScan CVE Generator"
},
"credit": [
{
"lang": "eng",
"value": "Daniel Ruf"
}
],
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Daniel Ruf"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

104
2022/1xxx/CVE-2022-1574.json
View File

@ -1,14 +1,40 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-1574",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "HTML2WP <= 1.0.0 - Unauthenticated Arbitrary File Upload"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HTML2WP WordPress plugin through 1.0.0 does not have authorisation and CSRF checks when importing files, and does not validate them, as a result, unauthenticated attackers can upload arbitrary files (such as PHP) on the remote server"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
@ -21,55 +47,51 @@
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "1.0.0",
"version_value": "1.0.0"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lang": "eng",
"value": "The HTML2WP WordPress plugin through 1.0.0 does not have authorisation and CSRF checks when importing files, and does not validate them, as a result, unauthenticated attackers can upload arbitrary files (such as PHP) on the remote server"
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThanOrEqual": "1.0.0"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/c36d0ea8-bf5c-4af9-bd3d-911eb02adc14",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/c36d0ea8-bf5c-4af9-bd3d-911eb02adc14"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "eng"
}
]
}
]
"generator": {
"engine": "WPScan CVE Generator"
},
"credit": [
{
"lang": "eng",
"value": "Daniel Ruf"
}
],
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Daniel Ruf"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

79
2022/1xxx/CVE-2022-1589.json
View File

@ -1,14 +1,40 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-1589",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Change wp-admin Login < 1.1.0 - Unauthenticated Arbitrary Settings Update"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Change wp-admin login WordPress plugin before 1.1.0 does not properly check for authorisation and is also missing CSRF check when updating its settings, which could allow unauthenticated users to change the settings. The attacked could also be performed via a CSRF vector"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863 Incorrect Authorization"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
@ -22,7 +48,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "1.1.0",
"version_name": "0",
"version_value": "1.1.0"
}
]
@ -34,42 +60,29 @@
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Change wp-admin login WordPress plugin before 1.1.0 does not properly check for authorisation and is also missing CSRF check when updating its settings, which could allow unauthenticated users to change the settings. The attacked could also be performed via a CSRF vector"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/257f9e14-4f43-4852-8384-80c15d087633",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/257f9e14-4f43-4852-8384-80c15d087633"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-863 Incorrect Authorization",
"lang": "eng"
}
]
}
]
"generator": {
"engine": "WPScan CVE Generator"
},
"credit": [
{
"lang": "eng",
"value": "Daniel Ruf"
}
],
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Daniel Ruf"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

73
2022/1xxx/CVE-2022-1598.json
View File

@ -1,14 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-1598",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "WPQA < 5.5 - Unauthenticated Private Message Disclosure"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WPQA Builder WordPress plugin before 5.5 which is a companion to the Discy and Himer , lacks authentication in a REST API endpoint, allowing unauthenticated users to discover private questions sent between users on the site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-306 Missing Authentication for Critical Function"
}
]
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
@ -22,8 +40,8 @@
"version_data": [
{
"version_affected": "<",
"version_name": "5.4",
"version_value": "5.4"
"version_name": "0",
"version_value": "5.5"
}
]
}
@ -34,42 +52,29 @@
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WPQA Builder WordPress plugin before 5.4 which is a companion to the Discy and Himer , lacks authentication in a REST API endpoint, allowing unauthenticated users to discover private questions sent between users on the site."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/0416ae2f-5670-4080-a88d-3484bb19d8c8",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/0416ae2f-5670-4080-a88d-3484bb19d8c8"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
]
}
]
"generator": {
"engine": "WPScan CVE Generator"
},
"credit": [
{
"lang": "eng",
"value": "Veshraj Ghimire"
}
],
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Veshraj Ghimire"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

75
2022/2xxx/CVE-2022-2034.json
View File

@ -1,14 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-2034",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Sensei LMS < 4.5.0 - Unauthenticated Private Messages Disclosure via Rest API"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-639 Authorization Bypass Through User-Controlled Key"
}
]
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
@ -17,12 +35,12 @@
"product": {
"product_data": [
{
"product_name": "Sensei LMS Online Courses, Quizzes, & Learning",
"product_name": "Sensei LMS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.5.0",
"version_name": "0",
"version_value": "4.5.0"
}
]
@ -34,47 +52,34 @@
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/aba3dd58-7a8e-4129-add5-4dd5972c0426",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/aba3dd58-7a8e-4129-add5-4dd5972c0426"
},
{
"refsource": "MISC",
"url": "https://hackerone.com/reports/1590237",
"refsource": "MISC",
"name": "https://hackerone.com/reports/1590237"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-862 Missing Authorization",
"lang": "eng"
}
]
}
]
"generator": {
"engine": "WPScan CVE Generator"
},
"credit": [
{
"lang": "eng",
"value": "Veshraj Ghimire"
}
],
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Veshraj Ghimire"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

71
2022/2xxx/CVE-2022-2099.json
View File

@ -1,14 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-2099",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "WooCommerce < 6.6.0 - Admin+ Stored HTML Injection"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WooCommerce WordPress plugin before 6.6.0 is vulnerable to stored HTML injection due to lack of escaping and sanitizing in the payment gateway titles"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-116 Improper Encoding or Escaping of Output"
}
]
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
@ -22,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "6.6.0",
"version_name": "0",
"version_value": "6.6.0"
}
]
@ -34,42 +52,29 @@
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WooCommerce WordPress plugin before 6.6.0 is vulnerable to stored HTML injection due to lack of escaping and sanitizing in the payment gateway titles"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/0316e5f3-3302-40e3-8ff4-be3423a3be7b",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/0316e5f3-3302-40e3-8ff4-be3423a3be7b"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-94 Improper Control of Generation of Code ('Code Injection')",
"lang": "eng"
}
]
}
]
"generator": {
"engine": "WPScan CVE Generator"
},
"credit": [
{
"lang": "eng",
"value": "Taurus Omar"
}
],
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Taurus Omar"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

96
2022/2xxx/CVE-2022-2146.json
View File

@ -1,14 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-2146",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Import CSV Files <= 1.0 - Reflected Cross-Site Scripting"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Import CSV Files WordPress plugin through 1.0 does not sanitise and escaped imported data before outputting them back in a page, and is lacking CSRF check when performing such action as well, resulting in a Reflected Cross-Site Scripting"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
@ -21,55 +39,51 @@
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "1.0",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lang": "eng",
"value": "The Import CSV Files WordPress plugin through 1.0 does not sanitise and escaped imported data before outputting them back in a page, and is lacking CSRF check when performing such action as well, resulting in a Reflected Cross-Site Scripting"
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThanOrEqual": "1.0"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/adc1d752-331e-44af-b5dc-b463d56c2cb4",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/adc1d752-331e-44af-b5dc-b463d56c2cb4"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
"generator": {
"engine": "WPScan CVE Generator"
},
"credit": [
{
"lang": "eng",
"value": "Benachi"
}
],
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Benachi"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

73
2022/2xxx/CVE-2022-2241.json
View File

@ -1,14 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-2241",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Featured Image from URL < 4.0.0 - Arbitrary Settings Update to Stored XSS via CSRF"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Featured Image from URL (FIFU) WordPress plugin before 4.0.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack. Furthermore, due to the lack of validation, sanitisation and escaping in some of them, it could also lead to Stored XSS issues"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-116 Improper Encoding or Escaping of Output"
}
]
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
@ -22,8 +40,8 @@
"version_data": [
{
"version_affected": "<",
"version_name": "4.0.0",
"version_value": "4.0.0"
"version_name": "0",
"version_value": "4.0.1"
}
]
}
@ -34,42 +52,29 @@
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Featured Image from URL (FIFU) WordPress plugin before 4.0.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack. Furthermore, due to the lack of validation, sanitisation and escaping in some of them, it could also lead to Stored XSS issues"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/8670d196-972b-491b-8d9b-25994a345f57",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/8670d196-972b-491b-8d9b-25994a345f57"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "eng"
}
]
}
]
"generator": {
"engine": "WPScan CVE Generator"
},
"credit": [
{
"lang": "eng",
"value": "Raad Haddad"
}
],
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Raad Haddad of Cloudyrion GmbH"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

71
2022/2xxx/CVE-2022-2354.json
View File

@ -1,14 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-2354",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "WP-DBManager < 2.80.8 - Admin+ Remote Command Execution"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WP-DBManager WordPress plugin before 2.80.8 does not prevent administrators from running arbitrary commands on the server in multisite installations, where only super-administrators should."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863 Incorrect Authorization"
}
]
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
@ -22,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "2.80.8",
"version_name": "0",
"version_value": "2.80.8"
}
]
@ -34,42 +52,29 @@
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WP-DBManager WordPress plugin before 2.80.8 does not prevent administrators from running arbitrary commands on the server in multisite installations, where only super-administrators should."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/1c8c5861-ce87-4813-9e26-470d63c1903a",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/1c8c5861-ce87-4813-9e26-470d63c1903a"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-94 Improper Control of Generation of Code ('Code Injection')",
"lang": "eng"
}
]
}
]
"generator": {
"engine": "WPScan CVE Generator"
},
"credit": [
{
"lang": "eng",
"value": "Raad Haddad"
}
],
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Raad Haddad of Cloudyrion GmbH"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

73
2022/2xxx/CVE-2022-2370.json
View File

@ -1,14 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-2370",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "YaySMTP < 2.2.1 - Subscriber+ SMTP Credentials Leak"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The YaySMTP WordPress plugin before 2.2.1 does not have capability check before displaying the Mailer Credentials in JS code for the settings, allowing any authenticated users, such as subscriber to retrieve them"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization"
}
]
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
@ -17,12 +35,12 @@
"product": {
"product_data": [
{
"product_name": "YaySMTP Simple WP SMTP Mail",
"product_name": "YaySMTP",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.2.1",
"version_name": "0",
"version_value": "2.2.1"
}
]
@ -34,42 +52,29 @@
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The YaySMTP WordPress plugin before 2.2.1 does not have capability check before displaying the Mailer Credentials in JS code for the settings, allowing any authenticated users, such as subscriber to retrieve them"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/bedda2a9-6c52-478e-b17a-7a4488419334",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/bedda2a9-6c52-478e-b17a-7a4488419334"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-668 Exposure of Resource to Wrong Sphere",
"lang": "eng"
}
]
}
]
"generator": {
"engine": "WPScan CVE Generator"
},
"credit": [
{
"lang": "eng",
"value": "Rafshanzani Suhada"
}
],
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Rafshanzani Suhada"
},
{
"lang": "en",
"value": "WPScan"
}
]
}