"-Synchronized-Data."

CVE Team 2021-06-14 14:00:59 +00:00
parent 7e750aeb14
commit 91aeb4daa4
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
7 changed files with 522 additions and 522 deletions


@ -1,75 +1,75 @@
{
"CVE_data_meta": {
"ID": "CVE-2021-24347",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "SP Project & Document Manager <2 4.22 - Authenticated Shell Upload"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "SP Project & Document Manager",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.22",
"version_value": "4.22"
"CVE_data_meta": {
"ID": "CVE-2021-24347",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "SP Project & Document Manager <2 4.22 - Authenticated Shell Upload"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "SP Project & Document Manager",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.22",
"version_value": "4.22"
}
]
}
}
]
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SP Project & Document Manager WordPress plugin before 4.22 allows users to upload files, however, the plugin attempts to prevent php and other similar files that could be executed on the server from being uploaded by checking the file extension. It was discovered that php files could still be uploaded by changing the file extension's case, for example, from \"php\" to \"pHP\"."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/8f6e82d5-c0e9-468e-acb8-7cd549f6a45a",
"name": "https://wpscan.com/vulnerability/8f6e82d5-c0e9-468e-acb8-7cd549f6a45a"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-94 Improper Control of Generation of Code ('Code Injection')",
"lang": "eng"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SP Project & Document Manager WordPress plugin before 4.22 allows users to upload files, however, the plugin attempts to prevent php and other similar files that could be executed on the server from being uploaded by checking the file extension. It was discovered that php files could still be uploaded by changing the file extension's case, for example, from \"php\" to \"pHP\"."
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Viktor Markopoulos"
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/8f6e82d5-c0e9-468e-acb8-7cd549f6a45a",
"name": "https://wpscan.com/vulnerability/8f6e82d5-c0e9-468e-acb8-7cd549f6a45a"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-94 Improper Control of Generation of Code ('Code Injection')",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Viktor Markopoulos"
}
],
"source": {
"discovery": "UNKNOWN"
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}
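Review bot: The re-serialised record for CVE-2021-24347 still carries a malformed `TITLE`, `SP Project & Document Manager <2 4.22 - Authenticated Shell Upload`; the `<2 4.22` does not agree with the `"version_affected": "<"` / `"version_value": "4.22"` entry in the same file and presumably should read `< 4.22`. The `problemtype` is CWE-94, while the description is of an extension deny-list bypassed by changing the extension's case on upload, which CWE-434 (Unrestricted Upload of File with Dangerous Type), possibly with CWE-178 (Improper Handling of Case Sensitivity), describes more directly. Anyone triaging or filtering by title or CWE will classify this entry imprecisely, so both fields are worth confirming with the assigner rather than being carried through the sync unchanged.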


@ -1,85 +1,85 @@
{
"CVE_data_meta": {
"ID": "CVE-2021-24353",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Simple 301 Redirects by BetterLinks - 2.0.0 2.0.3 - Unauthenticated Redirect Import "
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Simple 301 Redirects by BetterLinks",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_name": "2.0.0",
"version_value": "2.0.0"
},
{
"version_affected": "<",
"version_name": "2.0.4",
"version_value": "2.0.4"
"CVE_data_meta": {
"ID": "CVE-2021-24353",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Simple 301 Redirects by BetterLinks - 2.0.0 \u2013 2.0.3 - Unauthenticated Redirect Import "
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Simple 301 Redirects by BetterLinks",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_name": "2.0.0",
"version_value": "2.0.0"
},
{
"version_affected": "<",
"version_name": "2.0.4",
"version_value": "2.0.4"
}
]
}
}
]
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The import_data function of the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4 had no capability or nonce checks making it possible for unauthenticated users to import a set of site redirects."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/74c23d56-e81f-47e9-bf8b-33d3f0e81894",
"name": "https://wpscan.com/vulnerability/74c23d56-e81f-47e9-bf8b-33d3f0e81894"
},
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/05/severe-vulnerabilities-patched-in-simple-301-redirects-by-betterlinks-plugin/",
"name": "https://www.wordfence.com/blog/2021/05/severe-vulnerabilities-patched-in-simple-301-redirects-by-betterlinks-plugin/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The import_data function of the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4 had no capability or nonce checks making it possible for unauthenticated users to import a set of site redirects."
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Chloe Chamberland"
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/05/severe-vulnerabilities-patched-in-simple-301-redirects-by-betterlinks-plugin/",
"name": "https://www.wordfence.com/blog/2021/05/severe-vulnerabilities-patched-in-simple-301-redirects-by-betterlinks-plugin/"
},
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/74c23d56-e81f-47e9-bf8b-33d3f0e81894",
"name": "https://wpscan.com/vulnerability/74c23d56-e81f-47e9-bf8b-33d3f0e81894"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Chloe Chamberland"
}
],
"source": {
"discovery": "UNKNOWN"
}
],
"source": {
"discovery": "UNKNOWN"
}
}


@ -1,85 +1,85 @@
{
"CVE_data_meta": {
"ID": "CVE-2021-24354",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Simple 301 Redirects by BetterLinks - 2.0.0 2.0.3 - Arbitrary Plugin Installation"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Simple 301 Redirects by BetterLinks",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_name": "2.0.0",
"version_value": "2.0.0"
},
{
"version_affected": "<",
"version_name": "2.0.4",
"version_value": "2.0.4"
"CVE_data_meta": {
"ID": "CVE-2021-24354",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Simple 301 Redirects by BetterLinks - 2.0.0 \u2013 2.0.3 - Arbitrary Plugin Installation"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Simple 301 Redirects by BetterLinks",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_name": "2.0.0",
"version_value": "2.0.0"
},
{
"version_affected": "<",
"version_name": "2.0.4",
"version_value": "2.0.4"
}
]
}
}
]
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A lack of capability checks and insufficient nonce check on the AJAX action in the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, made it possible for authenticated users to install arbitrary plugins on vulnerable sites."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/8638b36c-6641-491f-b9df-5db3645e4668",
"name": "https://wpscan.com/vulnerability/8638b36c-6641-491f-b9df-5db3645e4668"
},
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/05/severe-vulnerabilities-patched-in-simple-301-redirects-by-betterlinks-plugin/",
"name": "https://www.wordfence.com/blog/2021/05/severe-vulnerabilities-patched-in-simple-301-redirects-by-betterlinks-plugin/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A lack of capability checks and insufficient nonce check on the AJAX action in the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, made it possible for authenticated users to install arbitrary plugins on vulnerable sites."
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Chloe Chamberland"
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/05/severe-vulnerabilities-patched-in-simple-301-redirects-by-betterlinks-plugin/",
"name": "https://www.wordfence.com/blog/2021/05/severe-vulnerabilities-patched-in-simple-301-redirects-by-betterlinks-plugin/"
},
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/8638b36c-6641-491f-b9df-5db3645e4668",
"name": "https://wpscan.com/vulnerability/8638b36c-6641-491f-b9df-5db3645e4668"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Chloe Chamberland"
}
],
"source": {
"discovery": "UNKNOWN"
}
],
"source": {
"discovery": "UNKNOWN"
}
}


@ -1,85 +1,85 @@
{
"CVE_data_meta": {
"ID": "CVE-2021-24355",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Simple 301 Redirects by BetterLinks - 2.0.0 2.0.3 - Update and Retrieve Wildcard Value"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Simple 301 Redirects by BetterLinks",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_name": "2.0.0",
"version_value": "2.0.0"
},
{
"version_affected": "<",
"version_name": "2.0.4",
"version_value": "2.0.4"
"CVE_data_meta": {
"ID": "CVE-2021-24355",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Simple 301 Redirects by BetterLinks - 2.0.0 \u2013 2.0.3 - Update and Retrieve Wildcard Value"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Simple 301 Redirects by BetterLinks",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_name": "2.0.0",
"version_value": "2.0.0"
},
{
"version_affected": "<",
"version_name": "2.0.4",
"version_value": "2.0.4"
}
]
}
}
]
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, the lack of capability checks and insufficient nonce check on the AJAX actions, simple301redirects/admin/get_wildcard and simple301redirects/admin/wildcard, made it possible for authenticated users to retrieve and update the wildcard value for redirects."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/ce8f9648-30fb-4fb9-894e-879dc0f26f98",
"name": "https://wpscan.com/vulnerability/ce8f9648-30fb-4fb9-894e-879dc0f26f98"
},
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/05/severe-vulnerabilities-patched-in-simple-301-redirects-by-betterlinks-plugin/",
"name": "https://www.wordfence.com/blog/2021/05/severe-vulnerabilities-patched-in-simple-301-redirects-by-betterlinks-plugin/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, the lack of capability checks and insufficient nonce check on the AJAX actions, simple301redirects/admin/get_wildcard and simple301redirects/admin/wildcard, made it possible for authenticated users to retrieve and update the wildcard value for redirects."
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Chloe Chamberland"
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/05/severe-vulnerabilities-patched-in-simple-301-redirects-by-betterlinks-plugin/",
"name": "https://www.wordfence.com/blog/2021/05/severe-vulnerabilities-patched-in-simple-301-redirects-by-betterlinks-plugin/"
},
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/ce8f9648-30fb-4fb9-894e-879dc0f26f98",
"name": "https://wpscan.com/vulnerability/ce8f9648-30fb-4fb9-894e-879dc0f26f98"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Chloe Chamberland"
}
],
"source": {
"discovery": "UNKNOWN"
}
],
"source": {
"discovery": "UNKNOWN"
}
}


@ -1,85 +1,85 @@
{
"CVE_data_meta": {
"ID": "CVE-2021-24356",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Simple 301 Redirects by BetterLinks - 2.0.0 2.0.3 - Arbitrary Plugin Activation"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Simple 301 Redirects by BetterLinks",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_name": "2.0.0",
"version_value": "2.0.0"
},
{
"version_affected": "<",
"version_name": "2.0.4",
"version_value": "2.0.4"
"CVE_data_meta": {
"ID": "CVE-2021-24356",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Simple 301 Redirects by BetterLinks - 2.0.0 \u2013 2.0.3 - Arbitrary Plugin Activation"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Simple 301 Redirects by BetterLinks",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_name": "2.0.0",
"version_value": "2.0.0"
},
{
"version_affected": "<",
"version_name": "2.0.4",
"version_value": "2.0.4"
}
]
}
}
]
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, a lack of capability checks and insufficient nonce check on the AJAX action, simple301redirects/admin/activate_plugin, made it possible for authenticated users to activate arbitrary plugins installed on vulnerable sites."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/be356530-5e00-4f27-8177-b80f3c1ae6e8",
"name": "https://wpscan.com/vulnerability/be356530-5e00-4f27-8177-b80f3c1ae6e8"
},
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/05/severe-vulnerabilities-patched-in-simple-301-redirects-by-betterlinks-plugin/",
"name": "https://www.wordfence.com/blog/2021/05/severe-vulnerabilities-patched-in-simple-301-redirects-by-betterlinks-plugin/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, a lack of capability checks and insufficient nonce check on the AJAX action, simple301redirects/admin/activate_plugin, made it possible for authenticated users to activate arbitrary plugins installed on vulnerable sites."
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Chloe Chamberland"
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/05/severe-vulnerabilities-patched-in-simple-301-redirects-by-betterlinks-plugin/",
"name": "https://www.wordfence.com/blog/2021/05/severe-vulnerabilities-patched-in-simple-301-redirects-by-betterlinks-plugin/"
},
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/be356530-5e00-4f27-8177-b80f3c1ae6e8",
"name": "https://wpscan.com/vulnerability/be356530-5e00-4f27-8177-b80f3c1ae6e8"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Chloe Chamberland"
}
],
"source": {
"discovery": "UNKNOWN"
}
],
"source": {
"discovery": "UNKNOWN"
}
}


@ -1,80 +1,80 @@
{
"CVE_data_meta": {
"ID": "CVE-2021-24358",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "The Plus Addons for Elementor Page Builder < 4.1.10 - Open Redirect"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "The Plus Addons for Elementor Page Builder",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.1.10",
"version_value": "4.1.10"
"CVE_data_meta": {
"ID": "CVE-2021-24358",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "The Plus Addons for Elementor Page Builder < 4.1.10 - Open Redirect"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "The Plus Addons for Elementor Page Builder",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.1.10",
"version_value": "4.1.10"
}
]
}
}
]
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.10 did not validate a redirect parameter on a specifically crafted URL before redirecting the user to it, leading to an Open Redirect issue."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/fd4352ad-dae0-4404-94d1-11083cb1f44d",
"name": "https://wpscan.com/vulnerability/fd4352ad-dae0-4404-94d1-11083cb1f44d"
},
{
"refsource": "MISC",
"url": "https://theplusaddons.com/changelog/",
"name": "https://theplusaddons.com/changelog/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')",
"lang": "eng"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.10 did not validate a redirect parameter on a specifically crafted URL before redirecting the user to it, leading to an Open Redirect issue."
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Nicolas Vidal from TEHTRIS"
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://theplusaddons.com/changelog/",
"name": "https://theplusaddons.com/changelog/"
},
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/fd4352ad-dae0-4404-94d1-11083cb1f44d",
"name": "https://wpscan.com/vulnerability/fd4352ad-dae0-4404-94d1-11083cb1f44d"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Nicolas Vidal from TEHTRIS"
}
],
"source": {
"discovery": "UNKNOWN"
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}


@ -1,80 +1,80 @@
{
"CVE_data_meta": {
"ID": "CVE-2021-24359",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "The Plus Addons for Elementor Page Builder < 4.1.11 - Arbitrary Reset Pwd Email Sending"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "The Plus Addons for Elementor Page Builder",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.1.11",
"version_value": "4.1.11"
"CVE_data_meta": {
"ID": "CVE-2021-24359",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "The Plus Addons for Elementor Page Builder < 4.1.11 - Arbitrary Reset Pwd Email Sending"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "The Plus Addons for Elementor Page Builder",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.1.11",
"version_value": "4.1.11"
}
]
}
}
]
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.11 did not properly check that a user requesting a password reset was the legitimate user, allowing an attacker to send an arbitrary reset password email to a registered user on behalf of the WordPress site. Such issue could be chained with an open redirect (CVE-2021-24358) in version below 4.1.10, to include a crafted password reset link in the email, which would lead to an account takeover."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/486b82d1-30d4-44d2-9542-f33e3f149e92",
"name": "https://wpscan.com/vulnerability/486b82d1-30d4-44d2-9542-f33e3f149e92"
},
{
"refsource": "MISC",
"url": "https://theplusaddons.com/changelog/",
"name": "https://theplusaddons.com/changelog/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.11 did not properly check that a user requesting a password reset was the legitimate user, allowing an attacker to send an arbitrary reset password email to a registered user on behalf of the WordPress site. Such issue could be chained with an open redirect (CVE-2021-24358) in version below 4.1.10, to include a crafted password reset link in the email, which would lead to an account takeover."
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Nicolas Vidal from TEHTRIS"
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://theplusaddons.com/changelog/",
"name": "https://theplusaddons.com/changelog/"
},
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/486b82d1-30d4-44d2-9542-f33e3f149e92",
"name": "https://wpscan.com/vulnerability/486b82d1-30d4-44d2-9542-f33e3f149e92"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Nicolas Vidal from TEHTRIS"
}
],
"source": {
"discovery": "UNKNOWN"
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}