admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-09 03:57:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Adds WPscan CVEs

Browse Source
This commit is contained in:
erwanlr 2021-06-21 11:45:57 +02:00
parent aa86de10ad
commit 79f9a1e3ce
14 changed files with 1055 additions and 220 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
2021/24xxx/CVE-2021-24361.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24361",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24361",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "GeoDirectory Location Manager < 2.1.0.10 - Multiple Unauthenticated SQL Injections"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "AyeCode Ltd",
"product": {
"product_data": [
{
"product_name": "Location Manager",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.1.0.10",
"version_value": "2.1.0.10"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Location Manager WordPress plugin before 2.1.0.10, the AJAX action gd_popular_location_list did not properly sanitise or validate some of its POST parameters, which are then used in a SQL statement, leading to unauthenticated SQL Injection issues."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/5aff50fc-ac96-4076-a07c-bb145ae37025",
"name": "https://wpscan.com/vulnerability/5aff50fc-ac96-4076-a07c-bb145ae37025"
},
{
"refsource": "MISC",
"url": "https://wpgeodirectory.com/downloads/location-manager/",
"name": "https://wpgeodirectory.com/downloads/location-manager/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Rafal Goryl"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

87
2021/24xxx/CVE-2021-24364.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24364",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24364",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Jannah < 5.4.4 - Reflected Cross-Site Scripting (XSS)"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "TieLabs",
"product": {
"product_data": [
{
"product_name": "Jannah",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5.4.4",
"version_value": "5.4.4"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Jannah WordPress theme before 5.4.4 did not properly sanitize the options JSON parameter in its tie_get_user_weather AJAX action before outputting it back in the page, leading to a Reflected Cross-Site Scripting (XSS) vulnerability."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/1d53fbe5-a879-42ca-a9d3-768a80018382",
"name": "https://wpscan.com/vulnerability/1d53fbe5-a879-42ca-a9d3-768a80018382"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Truoc Phan - Techlab Corporation"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

109
2021/24xxx/CVE-2021-24366.json
View File

@ -1,18 +1,97 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24366",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24366",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Admin Columns Free < 4.3 & Pro < 5.5.1 - Authenticated Stored Cross-Site Scripting (XSS) in Label"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "AdminColumns",
"product": {
"product_data": [
{
"product_name": "Admin Columns",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_name": "3.0",
"version_value": "3.0"
},
{
"version_affected": "<",
"version_name": "4.3",
"version_value": "4.3"
}
]
}
},
{
"product_name": "Admin Columns Pro",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5.5.1",
"version_value": "5.5.1"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Admin Columns Free WordPress plugin before 4.3 and Admin Columns Pro WordPress plugin before 5.5.1, rendered input on the posted pages with improper input validation on the value passed into the field 'Label' parameter, by taking this as an advantage an authenticated attacker can supply a crafted arbitrary script and execute it."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/05427156-4d5c-4aeb-add8-1c574fda5c28",
"name": "https://wpscan.com/vulnerability/05427156-4d5c-4aeb-add8-1c574fda5c28"
},
{
"refsource": "MISC",
"url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-24366",
"name": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-24366"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Daniel Elkabes of WhiteSource"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

87
2021/24xxx/CVE-2021-24367.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24367",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24367",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "WP Config File Editor <= 1.7.1 - Authenticated Stored Cross-Site Scripting (XSS)"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WP Config File Editor",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "1.7.1",
"version_value": "1.7.1"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WP Config File Editor WordPress plugin through 1.7.1 was affected by an Authenticated Stored Cross-Site Scripting (XSS) vulnerability."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/f35b7c8f-cfb6-42b6-8a3a-8c07cd1e9da0",
"name": "https://wpscan.com/vulnerability/f35b7c8f-cfb6-42b6-8a3a-8c07cd1e9da0"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "blackangel"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

87
2021/24xxx/CVE-2021-24369.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24369",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24369",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "GetPaid < 2.3.4 - Authenticated Stored XSS"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "AyeCode Ltd",
"product": {
"product_data": [
{
"product_name": "WordPress Payments Plugin | GetPaid",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.3.4",
"version_value": "2.3.4"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the GetPaid WordPress plugin before 2.3.4, users with the contributor role and above can create a new Payment Form, however the Label and Help Text input fields were not getting sanitized properly. So it was possible to inject malicious content such as img tags, leading to a Stored Cross-Site Scripting issue which is triggered when the form will be edited, for example when an admin reviews it and could lead to privilege escalation."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/1d1a731b-78f7-4d97-b40d-80f66700edae",
"name": "https://wpscan.com/vulnerability/1d1a731b-78f7-4d97-b40d-80f66700edae"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Jörg Steinsträter"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

92
2021/24xxx/CVE-2021-24370.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24370",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24370",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Fancy Product Designer < 4.6.9 - Unauthenticated Arbitrary File Upload and RCE"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Fancy Product Designer",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.6.9",
"version_value": "4.6.9"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Fancy Product Designer WordPress plugin before 4.6.9 allows unauthenticated attackers to upload arbitrary files, resulting in remote code execution."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/82c52461-1fdc-41e4-9f51-f9dd84962b38",
"name": "https://wpscan.com/vulnerability/82c52461-1fdc-41e4-9f51-f9dd84962b38"
},
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/06/critical-0-day-in-fancy-product-designer-under-active-attack/",
"name": "https://www.wordfence.com/blog/2021/06/critical-0-day-in-fancy-product-designer-under-active-attack/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Charles Sweethill/Ram Gall"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

87
2021/24xxx/CVE-2021-24372.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24372",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24372",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "WP Hardening < 1.2.2 - Reflected XSS via URI"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WP Hardening Fix Your WordPress Security",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.2.2",
"version_value": "1.2.2"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WP Hardening Fix Your WordPress Security WordPress plugin before 1.2.2 did not sanitise or escape the $_SERVER['REQUEST_URI'] before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/5340ae4e-95ba-4a69-beb1-3459cac17782",
"name": "https://wpscan.com/vulnerability/5340ae4e-95ba-4a69-beb1-3459cac17782"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "dc11"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

87
2021/24xxx/CVE-2021-24373.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24373",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24373",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "WP Hardening < 1.2.2 - Reflected XSS via historyvalue"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WP Hardening Fix Your WordPress Security",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.2.2",
"version_value": "1.2.2"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WP Hardening Fix Your WordPress Security WordPress plugin before 1.2.2 did not sanitise or escape the historyvalue GET parameter before outputting it in a Javascript block, leading to a reflected Cross-Site Scripting issue."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/fcf17278-609f-4f75-8a87-9b4579dee1c8",
"name": "https://wpscan.com/vulnerability/fcf17278-609f-4f75-8a87-9b4579dee1c8"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "dc11"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

92
2021/24xxx/CVE-2021-24374.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24374",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24374",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Jetpack < 9.8 - Carousel Module Non-Published Page/Post Attachment Comment Leak"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Automattic",
"product": {
"product_data": [
{
"product_name": "Jetpack WP Security, Backup, Speed, & Growth",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9.8",
"version_value": "9.8"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Jetpack Carousel module of the JetPack WordPress plugin before 9.8 allows users to create a \"carousel\" type image gallery and allows users to comment on the images. A security vulnerability was found within the Jetpack Carousel module by nguyenhg_vcs that allowed the comments of non-published page/posts to be leaked."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/08a8a51c-49d3-4bce-b7e0-e365af1d8f33",
"name": "https://wpscan.com/vulnerability/08a8a51c-49d3-4bce-b7e0-e365af1d8f33"
},
{
"refsource": "MISC",
"url": "https://jetpack.com/2021/06/01/jetpack-9-8-engage-your-audience-with-wordpress-stories/",
"name": "https://jetpack.com/2021/06/01/jetpack-9-8-engage-your-audience-with-wordpress-stories/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "nguyenhg_vcs"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

87
2021/24xxx/CVE-2021-24376.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24376",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24376",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Autoptimize < 2.7.8 - Arbitrary File Upload via \"Import Settings\""
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Autoptimize",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.7.8",
"version_value": "2.7.8"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Autoptimize WordPress plugin before 2.7.8 attempts to delete malicious files (such as .php) form the uploaded archive via the \"Import Settings\" feature, after its extraction. However, the extracted folders are not checked and it is possible to upload a zip which contained a directory with PHP file in it and then it is not removed from the disk. It is a bypass of CVE-2020-24948 which allows sending a PHP file via the \"Import Settings\" functionality to achieve Remote Code Execution."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/93edcc23-894a-46c2-84d2-407dcb64ba1e",
"name": "https://wpscan.com/vulnerability/93edcc23-894a-46c2-84d2-407dcb64ba1e"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-94 Improper Control of Generation of Code ('Code Injection')",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Marcin Węgłowski"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

87
2021/24xxx/CVE-2021-24377.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24377",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24377",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Autoptimize < 2.7.8 - Race Condition leading to RCE"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Autoptimize",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.7.8",
"version_value": "2.7.8"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Autoptimize WordPress plugin before 2.7.8 attempts to remove potential malicious files from the extracted archive uploaded via the 'Import Settings' feature, however this is not sufficient to protect against RCE as a race condition can be achieved in between the moment the file is extracted on the disk but not yet removed. It is a bypass of CVE-2020-24948."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/85c0a564-2e56-413d-bc3a-1039343207e4",
"name": "https://wpscan.com/vulnerability/85c0a564-2e56-413d-bc3a-1039343207e4"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-94 Improper Control of Generation of Code ('Code Injection')",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Marcin Węgłowski"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

87
2021/24xxx/CVE-2021-24378.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24378",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24378",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Autoptimize < 2.7.8 - Authenticated Stored XSS via File Upload"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Autoptimize",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.7.8",
"version_value": "2.7.8"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Autoptimize WordPress plugin before 2.7.8 does not check for malicious files such as .html in the archive uploaded via the 'Import Settings' feature. As a result, it is possible for a high privilege user to upload a malicious file containing JavaScript code inside an archive which will execute when a victim visits index.html inside the plugin directory."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/375bd694-1a30-41af-bbd4-8a8ee54f0dbf",
"name": "https://wpscan.com/vulnerability/375bd694-1a30-41af-bbd4-8a8ee54f0dbf"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Marcin Węgłowski"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

87
2021/24xxx/CVE-2021-24379.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24379",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24379",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Comments Like Dislike < 1.1.4 - Add Like/Dislike Bypass"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Comments Like Dislike",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.1.4",
"version_value": "1.1.4"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Comments Like Dislike WordPress plugin before 1.1.4 allows users to like/dislike posted comments, however does not prevent them from replaying the AJAX request to add a like. This allows any user (even unauthenticated) to add unlimited like/dislike to any comment. The plugin appears to have some Restriction modes, such as Cookie Restriction, IP Restrictions, Logged In User Restriction, however, they do not prevent such attack as they only check client side"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/aae7a889-195c-45a3-bbe4-e6d4cd2d7fd9",
"name": "https://wpscan.com/vulnerability/aae7a889-195c-45a3-bbe4-e6d4cd2d7fd9"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Phu Tran from techlabcorp.com"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

87
2021/24xxx/CVE-2021-24383.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24383",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24383",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "WP Google Maps < 8.1.12 - Authenticated Stored Cross-Site Scripting (XSS)"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "WP Google Maps",
"product": {
"product_data": [
{
"product_name": "WP Google Maps",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "8.1.12",
"version_value": "8.1.12"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WP Google Maps WordPress plugin before 8.1.12 did not sanitise, validate of escape the Map Name when output in the Map List of the admin dashboard, leading to an authenticated Stored Cross-Site Scripting issue"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/1270588c-53fe-447e-b83c-1b877dc7a954",
"name": "https://wpscan.com/vulnerability/1270588c-53fe-447e-b83c-1b877dc7a954"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Mohammed Adam"
}
],
"source": {
"discovery": "UNKNOWN"
}
}