admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-12-30 05:58:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Adds WPSCan March#3 CVEs

Browse Source
This commit is contained in:
erwanlr 2021-04-05 10:51:57 +02:00
parent c6027d03d5
commit 353a319124
21 changed files with 1607 additions and 315 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

87
2021/24xxx/CVE-2021-24180.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24180",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24180",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Related Posts for WordPress < 2.0.4 - Authenticated Reflected Cross-Site Scripting (XSS)"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Related Posts for WordPress",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0.4",
"version_value": "2.0.4"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unvalidated input and lack of output encoding within the Related Posts for WordPress plugin before 2.0.4 lead to a Reflected Cross-Site Scripting (XSS) vulnerability within the 'lang' GET parameter while editing a post, triggered when users with the capability of editing posts access a malicious URL."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/7593d5c8-cbc2-4469-b36b-5d4fb6d49718",
"name": "https://wpscan.com/vulnerability/7593d5c8-cbc2-4469-b36b-5d4fb6d49718"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Nguyen Anh Tien - SunCSR (Sun* Cyber Security Research)"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

92
2021/24xxx/CVE-2021-24181.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24181",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24181",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Tutor LMS < 1.7.7 - SQL Injection via tutor_mark_answer_as_correct"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Tutor LMS eLearning and online course solution",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.7.7",
"version_value": "1.7.7"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The tutor_mark_answer_as_correct AJAX action from the Tutor LMS eLearning and online course solution WordPress plugin before 1.7.7 was vulnerable to blind and time based SQL injections that could be exploited by students."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/d5a00322-7098-4f8d-8e5e-157b63449c17",
"name": "https://wpscan.com/vulnerability/d5a00322-7098-4f8d-8e5e-157b63449c17"
},
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
"name": "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Chloe Chamberland"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

92
2021/24xxx/CVE-2021-24182.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24182",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24182",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Tutor LMS < 1.8.3 - SQL Injection via tutor_quiz_builder_get_answers_by_question"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Tutor LMS eLearning and online course solution",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.8.3",
"version_value": "1.8.3"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The tutor_quiz_builder_get_answers_by_question AJAX action from the Tutor LMS eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/f74dfc52-46ba-41e3-994b-23115a22984f",
"name": "https://wpscan.com/vulnerability/f74dfc52-46ba-41e3-994b-23115a22984f"
},
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
"name": "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Chloe Chamberland"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

92
2021/24xxx/CVE-2021-24183.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24183",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24183",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Tutor LMS < 1.8.3 - SQL Injection via tutor_quiz_builder_get_question_form"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Tutor LMS eLearning and online course solution",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.8.3",
"version_value": "1.8.3"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The tutor_quiz_builder_get_question_form AJAX action from the Tutor LMS eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/9b8da6b7-f1d6-4a7d-a621-4ca01e4b7496",
"name": "https://wpscan.com/vulnerability/9b8da6b7-f1d6-4a7d-a621-4ca01e4b7496"
},
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
"name": "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Chloe Chamberland"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

92
2021/24xxx/CVE-2021-24184.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24184",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24184",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Tutor LMS < 1.7.7 - Unprotected AJAX including Privilege Escalation"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Tutor LMS eLearning and online course solution",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.7.7",
"version_value": "1.7.7"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Several AJAX endpoints in the Tutor LMS eLearning and online course solution WordPress plugin before 1.7.7 were unprotected, allowing students to modify course information and elevate their privileges among many other actions."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/5e85917c-7a58-49cb-b8b3-05aa18ffff3e",
"name": "https://wpscan.com/vulnerability/5e85917c-7a58-49cb-b8b3-05aa18ffff3e"
},
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
"name": "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-269 Improper Privilege Management",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Chloe Chamberland"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

92
2021/24xxx/CVE-2021-24185.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24185",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24185",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Tutor LMS < 1.7.7 - SQL Injection via tutor_place_rating"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Tutor LMS eLearning and online course solution",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.7.7",
"version_value": "1.7.7"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The tutor_place_rating AJAX action from the Tutor LMS eLearning and online course solution WordPress plugin before 1.7.7 was vulnerable to blind and time based SQL injections that could be exploited by students."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/0cba5349-e916-43f0-a1fe-62cf73e352a2",
"name": "https://wpscan.com/vulnerability/0cba5349-e916-43f0-a1fe-62cf73e352a2"
},
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
"name": "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Chloe Chamberland"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

92
2021/24xxx/CVE-2021-24186.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24186",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24186",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Tutor LMS < 1.8.3 - SQL Injection via tutor_answering_quiz_question/get_answer_by_id"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Tutor LMS eLearning and online course solution",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.8.3",
"version_value": "1.8.3"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The tutor_answering_quiz_question/get_answer_by_id function pair from the Tutor LMS eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/5f5c0c6c-6f76-4366-b590-0aab557f8c60",
"name": "https://wpscan.com/vulnerability/5f5c0c6c-6f76-4366-b590-0aab557f8c60"
},
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
"name": "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Chloe Chamberland"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

87
2021/24xxx/CVE-2021-24187.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24187",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24187",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "SEO Redirection <= 6.3 - Authenticated Reflected Cross-Site Scripting (XSS)"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "SEO Redirection Plugin 301 Redirect Manager",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "6.3",
"version_value": "6.3"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The setting page of the SEO Redirection Plugin 301 Redirect Manager WordPress plugin through 6.3 is vulnerable to reflected Cross-Site Scripting (XSS) as user input is not properly sanitised before being output in an attribute."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/c234700e-61dd-46a0-90fb-609e704269a9",
"name": "https://wpscan.com/vulnerability/c234700e-61dd-46a0-90fb-609e704269a9"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Nguyen Anh Tien - SunCSR (Sun* Cyber Security Research)"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

92
2021/24xxx/CVE-2021-24196.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24196",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24196",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Social Slider Widget < 1.8.5 - Authenticated Reflected Cross-Site Scripting (XSS)"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Social Slider Widget",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.8.5",
"version_value": "1.8.5"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Social Slider Widget WordPress plugin before 1.8.5 allowed Authenticated Reflected XSS in the plugin settings page as the token_error parameter can be controlled by users and it is directly echoed without being sanitized"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/bb20d732-a5e4-4140-ab51-b2aa1a53db12",
"name": "https://wpscan.com/vulnerability/bb20d732-a5e4-4140-ab51-b2aa1a53db12"
},
{
"refsource": "MISC",
"url": "https://purinechu.github.io/posts/social_slider_widget_reflected_xss/",
"name": "https://purinechu.github.io/posts/social_slider_widget_reflected_xss/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "purine chu"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

92
2021/24xxx/CVE-2021-24201.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24201",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24201",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Column Element"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Elementor Website Builder",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.1.4",
"version_value": "3.1.4"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Elementor Website Builder WordPress plugin before 3.1.4, the column element (includes/elements/column.php) accepts an html_tag parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified save_builder request containing JavaScript in the html_tag parameter, which is not filtered and is output without escaping. This JavaScript will then be executed when the saved page is viewed or previewed."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/9647f516-b130-4cc8-85fb-2e69b034ced0",
"name": "https://wpscan.com/vulnerability/9647f516-b130-4cc8-85fb-2e69b034ced0"
},
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/03/cross-site-scripting-vulnerabilities-in-elementor-impact-over-7-million-sites/",
"name": "https://www.wordfence.com/blog/2021/03/cross-site-scripting-vulnerabilities-in-elementor-impact-over-7-million-sites/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Ramuel Gall"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

92
2021/24xxx/CVE-2021-24202.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24202",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24202",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Heading Widget"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Elementor Website Builder",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.1.4",
"version_value": "3.1.4"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Elementor Website Builder WordPress plugin before 3.1.4, the heading widget (includes/widgets/heading.php) accepts a header_size parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified save_builder request with this parameter set to script and combined with a title parameter containing JavaScript, which will then be executed when the saved page is viewed or previewed."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/b72bd13d-c8e2-4347-b009-542fc0fe21bb",
"name": "https://wpscan.com/vulnerability/b72bd13d-c8e2-4347-b009-542fc0fe21bb"
},
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/03/cross-site-scripting-vulnerabilities-in-elementor-impact-over-7-million-sites/",
"name": "https://www.wordfence.com/blog/2021/03/cross-site-scripting-vulnerabilities-in-elementor-impact-over-7-million-sites/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Ramuel Gall"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

92
2021/24xxx/CVE-2021-24203.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24203",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24203",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Divider Widget"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Elementor Website Builder",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.1.4",
"version_value": "3.1.4"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Elementor Website Builder WordPress plugin before 3.1.4, the divider widget (includes/widgets/divider.php) accepts an html_tag parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified save_builder request with this parameter set to script and combined with a text parameter containing JavaScript, which will then be executed when the saved page is viewed or previewed."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/aa152ad0-5b3d-4d1f-88f4-6899a546e72e",
"name": "https://wpscan.com/vulnerability/aa152ad0-5b3d-4d1f-88f4-6899a546e72e"
},
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/03/cross-site-scripting-vulnerabilities-in-elementor-impact-over-7-million-sites/",
"name": "https://www.wordfence.com/blog/2021/03/cross-site-scripting-vulnerabilities-in-elementor-impact-over-7-million-sites/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Ramuel Gall"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

92
2021/24xxx/CVE-2021-24204.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24204",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24204",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Accordion Widget"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Elementor Website Builder",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.1.4",
"version_value": "3.1.4"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Elementor Website Builder WordPress plugin before 3.1.4, the accordion widget (includes/widgets/accordion.php) accepts a title_html_tag parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified save_builder request containing JavaScript in the title_html_tag parameter, which is not filtered and is output without escaping. This JavaScript will then be executed when the saved page is viewed or previewed."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/772e172f-c8b4-4a6a-9eb9-9663295cfedf",
"name": "https://wpscan.com/vulnerability/772e172f-c8b4-4a6a-9eb9-9663295cfedf"
},
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/03/cross-site-scripting-vulnerabilities-in-elementor-impact-over-7-million-sites/",
"name": "https://www.wordfence.com/blog/2021/03/cross-site-scripting-vulnerabilities-in-elementor-impact-over-7-million-sites/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Ramuel Gall"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

92
2021/24xxx/CVE-2021-24205.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24205",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24205",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Icon Box Widget"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Elementor Website Builder",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.1.4",
"version_value": "3.1.4"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Elementor Website Builder WordPress plugin before 3.1.4, the icon box widget (includes/widgets/icon-box.php) accepts a title_size parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified save_builder request containing JavaScript in the title_size parameter, which is not filtered and is output without escaping. This JavaScript will then be executed when the saved page is viewed or previewed."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/ef23df6d-e265-44f6-bb94-1005b16d34d9",
"name": "https://wpscan.com/vulnerability/ef23df6d-e265-44f6-bb94-1005b16d34d9"
},
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/03/cross-site-scripting-vulnerabilities-in-elementor-impact-over-7-million-sites/",
"name": "https://www.wordfence.com/blog/2021/03/cross-site-scripting-vulnerabilities-in-elementor-impact-over-7-million-sites/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Ramuel Gall"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

92
2021/24xxx/CVE-2021-24206.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24206",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24206",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Image Box Widget"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Elementor Website Builder",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.1.4",
"version_value": "3.1.4"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Elementor Website Builder WordPress plugin before 3.1.4, the image box widget (includes/widgets/image-box.php) accepts a title_size parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified save_builder request containing JavaScript in the title_size parameter, which is not filtered and is output without escaping. This JavaScript will then be executed when the saved page is viewed or previewed."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/2f66efd9-7d55-4f33-9109-3cb583a0c309",
"name": "https://wpscan.com/vulnerability/2f66efd9-7d55-4f33-9109-3cb583a0c309"
},
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/03/cross-site-scripting-vulnerabilities-in-elementor-impact-over-7-million-sites/",
"name": "https://www.wordfence.com/blog/2021/03/cross-site-scripting-vulnerabilities-in-elementor-impact-over-7-million-sites/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Ramuel Gall"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

92
2021/24xxx/CVE-2021-24207.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24207",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24207",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "WP Page Builder < 1.2.4 - Insecure default configuration Allows Subscribers Editing Access to Posts"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WP Page Builder",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.2.4",
"version_value": "1.2.4"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "By default, the WP Page Builder WordPress plugin before 1.2.4 allows subscriber-level users to edit and make changes to any and all posts pages - user roles must be specifically blocked from editing posts and pages."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/21e7a46f-e9a3-4b20-b44a-a5b6ce7b7ce6",
"name": "https://wpscan.com/vulnerability/21e7a46f-e9a3-4b20-b44a-a5b6ce7b7ce6"
},
{
"refsource": "MISC",
"url": "https://www.themeum.com/wp-page-builder-updated-v1-2-4/",
"name": "https://www.themeum.com/wp-page-builder-updated-v1-2-4/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Ramuel Gall"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

92
2021/24xxx/CVE-2021-24208.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24208",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24208",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "WP Page Builder < 1.2.4 - Multiple Stored Cross-Site scripting (XSS)"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WP Page Builder",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.2.4",
"version_value": "1.2.4"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The editor of the WP Page Builder WordPress plugin before 1.2.4 allows lower-privileged users to insert unfiltered HTML, including JavaScript, into pages via the “Raw HTML” widget and the “Custom HTML” widgets (though the custom HTML widget requires sending a crafted request - it appears that this widget uses some form of client side validation but not server side validation), all of which are added via the “page_builder_data” parameter when performing the “wppb_page_save” AJAX action. It is also possible to insert malicious JavaScript via the “wppb_page_css” parameter (this can be done by closing out the style tag and opening a script tag) when performing the “wppb_page_save” AJAX action."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/c20e243d-b0de-4ae5-9a0d-b9d02c9b8141",
"name": "https://wpscan.com/vulnerability/c20e243d-b0de-4ae5-9a0d-b9d02c9b8141"
},
{
"refsource": "MISC",
"url": "https://www.themeum.com/wp-page-builder-updated-v1-2-4/",
"name": "https://www.themeum.com/wp-page-builder-updated-v1-2-4/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Ramuel Gall"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

97
2021/24xxx/CVE-2021-24209.json
View File

@ -1,18 +1,85 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24209",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24209",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "WP Super Cache < 1.7.2 - Authenticated Remote Code Execution (RCE)"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WP Super Cache",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.7.2",
"version_value": "1.7.2"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WP Super Cache WordPress plugin before 1.7.2 was affected by an authenticated (admin+) RCE in the settings page due to input validation failure and weak $cache_path check in the WP Super Cache Settings -> Cache Location option. Direct access to the wp-cache-config.php file is not prohibited, so this vulnerability can be exploited for a web shell injection."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/733d8a02-0d44-4b78-bbb2-37e447acd2f3",
"name": "https://wpscan.com/vulnerability/733d8a02-0d44-4b78-bbb2-37e447acd2f3"
},
{
"refsource": "MISC",
"url": "https://plugins.trac.wordpress.org/changeset/2496238/wp-super-cache",
"name": "https://plugins.trac.wordpress.org/changeset/2496238/wp-super-cache"
},
{
"refsource": "MISC",
"url": "https://m0ze.ru/vulnerability/[2021-03-13]-[WordPress]-[CWE-94]-WP-Super-Cache-WordPress-Plugin-v1.7.1.txt",
"name": "https://m0ze.ru/vulnerability/[2021-03-13]-[WordPress]-[CWE-94]-WP-Super-Cache-WordPress-Plugin-v1.7.1.txt"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-94 Improper Control of Generation of Code ('Code Injection')",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "m0ze"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

92
2021/24xxx/CVE-2021-24210.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24210",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24210",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "PhastPress < 1.111 - Open Redirect"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "PhastPress",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.111",
"version_value": "1.111"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an open redirect in the PhastPress WordPress plugin before 1.111 that allows an attacker to malform a request to a page with the plugin and then redirect the victim to a malicious page. There is also a support comment from another user one year ago (https://wordpress.org/support/topic/phast-php-used-for-remote-fetch/) that says that the php involved in the request only go to whitelisted pages but it's possible to redirect the victim to any domain."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/9b3c5412-8699-49e8-b60c-20d2085857fb",
"name": "https://wpscan.com/vulnerability/9b3c5412-8699-49e8-b60c-20d2085857fb"
},
{
"refsource": "MISC",
"url": "https://plugins.trac.wordpress.org/changeset/2497610/",
"name": "https://plugins.trac.wordpress.org/changeset/2497610/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Felipe Restrepo Rodriguez"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

87
2021/24xxx/CVE-2021-24211.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24211",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24211",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "WordPress Related Posts <= 3.6.4 - Authenticated Stored Cross-Site Scripting (XSS)"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WordPress Related Posts",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "3.6.4",
"version_value": "3.6.4"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WordPress Related Posts plugin through 3.6.4 contains an authenticated (admin+) stored XSS vulnerability in the title field on the settings page. By exploiting that an attacker will be able to execute JavaScript code in the user's browser."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/37e0a033-3dee-476d-ae86-68354e8f0b1c",
"name": "https://wpscan.com/vulnerability/37e0a033-3dee-476d-ae86-68354e8f0b1c"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Ganesh Bagaria"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

92
2021/24xxx/CVE-2021-24212.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24212",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24212",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "WooCommerce Help Scout < 2.9.1 - Unauthenticated Arbitrary File Upload leading to RCE"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WooCommerce Help Scout",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.9.1",
"version_value": "2.9.1"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WooCommerce Help Scout WordPress plugin before 2.9.1 (https://woocommerce.com/products/woocommerce-help-scout/) allows unauthenticated users to upload any files to the site which by default will end up in wp-content/uploads/hstmp."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/cf9305e8-f5bc-45c3-82db-0ef00fd46129",
"name": "https://wpscan.com/vulnerability/cf9305e8-f5bc-45c3-82db-0ef00fd46129"
},
{
"refsource": "MISC",
"url": "http://dzv365zjfbd8v.cloudfront.net/changelogs/woocommerce-help-scout/changelog.txt",
"name": "http://dzv365zjfbd8v.cloudfront.net/changelogs/woocommerce-help-scout/changelog.txt"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Ville Korhonen / Seravo"
}
],
"source": {
"discovery": "UNKNOWN"
}
}