From c2432aad770074b5a130a4fa2a914b01d1810ad0 Mon Sep 17 00:00:00 2001 From: erwanlr Date: Mon, 26 Sep 2022 14:33:59 +0200 Subject: [PATCH] Adds CVEs --- 2021/24xxx/CVE-2021-24653.json | 14 ++--- 2021/24xxx/CVE-2021-24890.json | 102 +++++++++++++++++++++++++++------ 2022/1xxx/CVE-2022-1613.json | 89 ++++++++++++++++++++++------ 2022/1xxx/CVE-2022-1755.json | 87 +++++++++++++++++++++++----- 2022/2xxx/CVE-2022-2352.json | 87 +++++++++++++++++++++++----- 2022/2xxx/CVE-2022-2404.json | 87 +++++++++++++++++++++++----- 2022/2xxx/CVE-2022-2405.json | 95 +++++++++++++++++++++++++----- 2022/2xxx/CVE-2022-2903.json | 87 +++++++++++++++++++++++----- 2022/2xxx/CVE-2022-2926.json | 87 +++++++++++++++++++++++----- 2022/2xxx/CVE-2022-2987.json | 95 +++++++++++++++++++++++++----- 2022/3xxx/CVE-2022-3024.json | 95 +++++++++++++++++++++++++----- 2022/3xxx/CVE-2022-3025.json | 95 +++++++++++++++++++++++++----- 2022/3xxx/CVE-2022-3062.json | 87 +++++++++++++++++++++++----- 2022/3xxx/CVE-2022-3069.json | 87 +++++++++++++++++++++++----- 2022/3xxx/CVE-2022-3070.json | 89 ++++++++++++++++++++++------ 2022/3xxx/CVE-2022-3074.json | 89 ++++++++++++++++++++++------ 2022/3xxx/CVE-2022-3076.json | 87 +++++++++++++++++++++++----- 2022/3xxx/CVE-2022-3098.json | 87 +++++++++++++++++++++++----- 2022/3xxx/CVE-2022-3119.json | 97 +++++++++++++++++++++++++------ 2022/3xxx/CVE-2022-3135.json | 87 +++++++++++++++++++++++----- 20 files changed, 1433 insertions(+), 297 deletions(-) diff --git a/2021/24xxx/CVE-2021-24653.json b/2021/24xxx/CVE-2021-24653.json index a045f9eed8d..cd39e995833 100644 --- a/2021/24xxx/CVE-2021-24653.json +++ b/2021/24xxx/CVE-2021-24653.json @@ -3,7 +3,7 @@ "ID": "CVE-2021-24653", "ASSIGNER": "contact@wpscan.com", "STATE": "PUBLIC", - "TITLE": "Cookie Bar <= 1.8.8 - Admin+ Stored Cross-Site Scripting" + "TITLE": "Cookie Bar < 1.8.9 - Admin+ Stored Cross-Site Scripting" }, "data_format": "MITRE", "data_type": "CVE", @@ -21,9 +21,9 @@ "version": { "version_data": [ { - "version_affected": "<=", - "version_name": "1.8.8", - "version_value": "1.8.8" + "version_affected": "<", + "version_name": "1.8.9", + "version_value": "1.8.9" } ] } @@ -38,14 +38,14 @@ "description_data": [ { "lang": "eng", - "value": "The Cookie Bar WordPress plugin through 1.8.8 doesn't properly sanitise the Cookie Bar Message setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed" + "value": "The Cookie Bar WordPress plugin before 1.8.9 doesn't properly sanitise the Cookie Bar Message setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed" } ] }, "references": { "reference_data": [ { - "refsource": "MISC", + "refsource": "CONFIRM", "url": "https://wpscan.com/vulnerability/bfa8f46f-d323-4a2d-b875-39cd9b4cee0a", "name": "https://wpscan.com/vulnerability/bfa8f46f-d323-4a2d-b875-39cd9b4cee0a" } @@ -56,7 +56,7 @@ { "description": [ { - "value": "CWE-79 Cross-site Scripting (XSS)", + "value": "CWE-79 Cross-Site Scripting (XSS)", "lang": "eng" } ] diff --git a/2021/24xxx/CVE-2021-24890.json b/2021/24xxx/CVE-2021-24890.json index 85d57055fc5..3721e905a63 100644 --- a/2021/24xxx/CVE-2021-24890.json +++ b/2021/24xxx/CVE-2021-24890.json @@ -1,18 +1,88 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-24890", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-24890", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Scripts Organizer < 3.0 - Unauthenticated Arbitrary File Upload" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "scripts-organizer", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "3.0", + "version_value": "3.0" + } + ] + } + } + ] + } + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Scripts Organizer WordPress plugin before 3.0 does not have capability and CSRF checks in the saveScript AJAX action, available to both unauthenticated and authenticated users, and does not validate user input in any way, which could allow unauthenticated users to put arbitrary PHP code in a file" + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "url": "https://wpscan.com/vulnerability/f3b450d2-84ce-4c13-ad6a-b60785dee7e7", + "name": "https://wpscan.com/vulnerability/f3b450d2-84ce-4c13-ad6a-b60785dee7e7" + }, + { + "refsource": "MISC", + "url": "https://dplugins.com/products/scripts-organizer/", + "name": "https://dplugins.com/products/scripts-organizer/" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-862 Missing Authorization", + "lang": "eng" + } + ] + }, + { + "description": [ + { + "value": "CWE-352 Cross-Site Request Forgery (CSRF)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Ovidiu Maghetiu" + } + ], + "source": { + "discovery": "EXTERNAL" + } +} diff --git a/2022/1xxx/CVE-2022-1613.json b/2022/1xxx/CVE-2022-1613.json index 43d9e28107a..d0fc3eaf9bd 100644 --- a/2022/1xxx/CVE-2022-1613.json +++ b/2022/1xxx/CVE-2022-1613.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-1613", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2022-1613", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Restricted Site Access < 7.3.2 - Access Bypass via IP Spoofing" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Restricted Site Access", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "7.3.2", + "version_value": "7.3.2" + } + ] + } + } + ] + } + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Restricted Site Access WordPress plugin before 7.3.2 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based limitations in certain situations." + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/c03863ef-9ac9-402b-8f8d-9559c9988e2b", + "name": "https://wpscan.com/vulnerability/c03863ef-9ac9-402b-8f8d-9559c9988e2b" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-639 Authorization Bypass Through User-Controlled Key", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Daniel Ruf" + } + ], + "source": { + "discovery": "EXTERNAL" + } +} diff --git a/2022/1xxx/CVE-2022-1755.json b/2022/1xxx/CVE-2022-1755.json index 394f917b53a..9ad925cf115 100644 --- a/2022/1xxx/CVE-2022-1755.json +++ b/2022/1xxx/CVE-2022-1755.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-1755", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2022-1755", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "SVG Support < 2.5 - Author+ Stored Cross-Site Scripting" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "SVG Support", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2.5", + "version_value": "2.5" + } + ] + } + } + ] + } + } + ] } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SVG Support WordPress plugin before 2.5 does not properly handle SVG added via an URL, which could allow users with a role as low as author to perform Cross-Site Scripting attacks" + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/62b2548e-6b59-48b8-b1c2-9bd47e634982", + "name": "https://wpscan.com/vulnerability/62b2548e-6b59-48b8-b1c2-9bd47e634982" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-79 Cross-Site Scripting (XSS)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Chafik Amraoui" + } + ], + "source": { + "discovery": "EXTERNAL" + } } \ No newline at end of file diff --git a/2022/2xxx/CVE-2022-2352.json b/2022/2xxx/CVE-2022-2352.json index 28b8dfd1447..43612dd4d41 100644 --- a/2022/2xxx/CVE-2022-2352.json +++ b/2022/2xxx/CVE-2022-2352.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-2352", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2022-2352", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Post SMTP < 2.1.7 - Admin+ Blind SSRF" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Post SMTP Mailer/Email Log", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2.1.7", + "version_value": "2.1.7" + } + ] + } + } + ] + } + } + ] } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Post SMTP Mailer/Email Log WordPress plugin before 2.1.7 does not have proper authorisation in some AJAX actions, which could allow high privilege users such as admin to perform blind SSRF on multisite installations for example." + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/dc99ac40-646a-4f8e-b2b9-dc55d6d4c55c", + "name": "https://wpscan.com/vulnerability/dc99ac40-646a-4f8e-b2b9-dc55d6d4c55c" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-918 Server-Side Request Forgery (SSRF)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Raad Haddad of Cloudyrion GmbH" + } + ], + "source": { + "discovery": "EXTERNAL" + } } \ No newline at end of file diff --git a/2022/2xxx/CVE-2022-2404.json b/2022/2xxx/CVE-2022-2404.json index 20984068a7b..e2b028865d1 100644 --- a/2022/2xxx/CVE-2022-2404.json +++ b/2022/2xxx/CVE-2022-2404.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-2404", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2022-2404", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "WP Popup Builder <= 1.2.8 - Reflected Cross-Site Scripting" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "WP Popup Builder – Popup Forms , Marketing PoPuP & Newsletter", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.2.8", + "version_value": "1.2.8" + } + ] + } + } + ] + } + } + ] } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The WP Popup Builder WordPress plugin through 1.2.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting" + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/0d889dde-b9d5-46cf-87d3-4f8a85cf9b98", + "name": "https://wpscan.com/vulnerability/0d889dde-b9d5-46cf-87d3-4f8a85cf9b98" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-79 Cross-Site Scripting (XSS)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Krzysztof Zając" + } + ], + "source": { + "discovery": "EXTERNAL" + } } \ No newline at end of file diff --git a/2022/2xxx/CVE-2022-2405.json b/2022/2xxx/CVE-2022-2405.json index 9891541b21e..c6779f9ff8a 100644 --- a/2022/2xxx/CVE-2022-2405.json +++ b/2022/2xxx/CVE-2022-2405.json @@ -1,18 +1,83 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-2405", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2022-2405", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "WP Popup Builder <= 1.2.8 - Subscriber+ Arbitrary Popup Deletion" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "WP Popup Builder – Popup Forms , Marketing PoPuP & Newsletter", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.2.8", + "version_value": "1.2.8" + } + ] + } + } + ] + } + } + ] } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The WP Popup Builder WordPress plugin through 1.2.8 does not have authorisation and CSRF check in an AJAX action, allowing any authenticated users, such as subscribers to delete arbitrary Popup" + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/50037028-2790-47ee-aae1-faf0724eb917", + "name": "https://wpscan.com/vulnerability/50037028-2790-47ee-aae1-faf0724eb917" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-862 Missing Authorization", + "lang": "eng" + } + ] + }, + { + "description": [ + { + "value": "CWE-352 Cross-Site Request Forgery (CSRF)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Krzysztof Zając" + } + ], + "source": { + "discovery": "EXTERNAL" + } } \ No newline at end of file diff --git a/2022/2xxx/CVE-2022-2903.json b/2022/2xxx/CVE-2022-2903.json index b7e939ddcea..e2b23d2c5bb 100644 --- a/2022/2xxx/CVE-2022-2903.json +++ b/2022/2xxx/CVE-2022-2903.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-2903", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2022-2903", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "NinjaForms < 3.6.13 - Admin+ PHP Objection Injection" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "3.6.13", + "version_value": "3.6.13" + } + ] + } + } + ] + } + } + ] } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Ninja Forms Contact Form WordPress plugin before 3.6.13 unserialises the content of an imported file, which could lead to PHP object injections issues when an admin import (intentionally or not) a malicious file and a suitable gadget chain is present on the blog." + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/255b98ba-5da9-4424-a7e9-c438d8905864", + "name": "https://wpscan.com/vulnerability/255b98ba-5da9-4424-a7e9-c438d8905864" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-502 Deserialization of Untrusted Data", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Alessio Santoru" + } + ], + "source": { + "discovery": "EXTERNAL" + } } \ No newline at end of file diff --git a/2022/2xxx/CVE-2022-2926.json b/2022/2xxx/CVE-2022-2926.json index 529491d4454..d37eb1b8f5a 100644 --- a/2022/2xxx/CVE-2022-2926.json +++ b/2022/2xxx/CVE-2022-2926.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-2926", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2022-2926", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Download Manager < 3.2.55 - Admin+ Arbitrary File/Folder Access via Path Traversal" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Download Manager", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "3.2.55", + "version_value": "3.2.55" + } + ] + } + } + ] + } + } + ] } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Download Manager WordPress plugin before 3.2.55 does not validate one of its settings, which could allow high privilege users such as admin to list and read arbitrary files and folders outside of the blog directory" + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/2a440e1a-a7e4-4106-839a-d93895e16785", + "name": "https://wpscan.com/vulnerability/2a440e1a-a7e4-4106-839a-d93895e16785" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Raad Haddad of Cloudyrion GmbH" + } + ], + "source": { + "discovery": "EXTERNAL" + } } \ No newline at end of file diff --git a/2022/2xxx/CVE-2022-2987.json b/2022/2xxx/CVE-2022-2987.json index d5ee7dcb391..20173eb19ce 100644 --- a/2022/2xxx/CVE-2022-2987.json +++ b/2022/2xxx/CVE-2022-2987.json @@ -1,18 +1,83 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-2987", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2022-2987", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Ldap WP Login / Active Directory Integration < 3.0.2 - Unauthenticated Settings Update to Auth Bypass" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Ldap WP Login / Active Directory Integration", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "3.0.2", + "version_value": "3.0.2" + } + ] + } + } + ] + } + } + ] } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Ldap WP Login / Active Directory Integration WordPress plugin before 3.0.2 does not have any authorisation and CSRF checks when updating it's settings (which are hooked to the init action), allowing unauthenticated attackers to update them. Attackers could set their own LDAP server to be used to authenticated users, therefore bypassing the current authentication" + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/0d9638b9-bf8a-474f-992d-2618884d3f67", + "name": "https://wpscan.com/vulnerability/0d9638b9-bf8a-474f-992d-2618884d3f67" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-862 Missing Authorization", + "lang": "eng" + } + ] + }, + { + "description": [ + { + "value": "CWE-352 Cross-Site Request Forgery (CSRF)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Lana Codes" + } + ], + "source": { + "discovery": "EXTERNAL" + } } \ No newline at end of file diff --git a/2022/3xxx/CVE-2022-3024.json b/2022/3xxx/CVE-2022-3024.json index 31895d5c094..f18d3cc6883 100644 --- a/2022/3xxx/CVE-2022-3024.json +++ b/2022/3xxx/CVE-2022-3024.json @@ -1,18 +1,83 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-3024", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2022-3024", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Simple Bitcoin Faucets <= 1.7.0 - Unauthorised AJAX Call to Stored XSS" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Bitcoin Satoshi Tools : Faucets, Visitor Rewarder, Satoshi Games, Referral Program", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.7.0", + "version_value": "1.7.0" + } + ] + } + } + ] + } + } + ] } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Simple Bitcoin Faucets WordPress plugin through 1.7.0 does not have any authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscribers to call it and add/delete/edit Bonds. Furthermore, due to the lack of sanitisation and escaping, it could also lead to Stored Cross-Site Scripting issues" + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/7f43cb8e-0c1b-4528-8c5c-b81ab42778dc", + "name": "https://wpscan.com/vulnerability/7f43cb8e-0c1b-4528-8c5c-b81ab42778dc" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-79 Cross-Site Scripting (XSS)", + "lang": "eng" + } + ] + }, + { + "description": [ + { + "value": "CWE-352 Cross-Site Request Forgery (CSRF)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Lana Codes" + } + ], + "source": { + "discovery": "EXTERNAL" + } } \ No newline at end of file diff --git a/2022/3xxx/CVE-2022-3025.json b/2022/3xxx/CVE-2022-3025.json index a035d3561e2..e68fbe2aa20 100644 --- a/2022/3xxx/CVE-2022-3025.json +++ b/2022/3xxx/CVE-2022-3025.json @@ -1,18 +1,83 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-3025", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2022-3025", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Bitcoin / Altcoin Faucet <= 1.6.0 - Settings Update to Stored XSS via CSRF" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Bitcoin / Altcoin Faucet", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.6.0", + "version_value": "1.6.0" + } + ] + } + } + ] + } + } + ] } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Bitcoin / Altcoin Faucet WordPress plugin through 1.6.0 does not have any CSRF check when saving its settings, allowing attacker to make a logged in admin change them via a CSRF attack. Furthermore, due to the lack of sanitisation and escaping, it could also lead to Stored Cross-Site Scripting issues" + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/66bc783b-67e1-4bd0-99c0-322873b3a22a", + "name": "https://wpscan.com/vulnerability/66bc783b-67e1-4bd0-99c0-322873b3a22a" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-79 Cross-Site Scripting (XSS)", + "lang": "eng" + } + ] + }, + { + "description": [ + { + "value": "CWE-352 Cross-Site Request Forgery (CSRF)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Lana Codes" + } + ], + "source": { + "discovery": "EXTERNAL" + } } \ No newline at end of file diff --git a/2022/3xxx/CVE-2022-3062.json b/2022/3xxx/CVE-2022-3062.json index 560d4c7ef75..a321e4ef689 100644 --- a/2022/3xxx/CVE-2022-3062.json +++ b/2022/3xxx/CVE-2022-3062.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-3062", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2022-3062", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Simple File List < 4.4.12 - Reflected Cross-Site Scripting" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Simple File List", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "4.4.12", + "version_value": "4.4.12" + } + ] + } + } + ] + } + } + ] } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Simple File List WordPress plugin before 4.4.12 does not escape parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting" + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/2e829bbe-1843-496d-a852-4150fa6d1f7a", + "name": "https://wpscan.com/vulnerability/2e829bbe-1843-496d-a852-4150fa6d1f7a" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-79 Cross-Site Scripting (XSS)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Raad Haddad of Cloudyrion GmbH" + } + ], + "source": { + "discovery": "EXTERNAL" + } } \ No newline at end of file diff --git a/2022/3xxx/CVE-2022-3069.json b/2022/3xxx/CVE-2022-3069.json index dba54c4f396..9c453c55b76 100644 --- a/2022/3xxx/CVE-2022-3069.json +++ b/2022/3xxx/CVE-2022-3069.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-3069", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2022-3069", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Wordlift < 3.37.2 - Admin+ Stored Cross-Site Scripting" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "WordLift – AI powered SEO – Schema", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "3.37.2", + "version_value": "3.37.2" + } + ] + } + } + ] + } + } + ] } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The WordLift WordPress plugin before 3.37.2 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed." + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/a9918dfd-389c-43eb-afcc-03d29b42b369", + "name": "https://wpscan.com/vulnerability/a9918dfd-389c-43eb-afcc-03d29b42b369" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-79 Cross-Site Scripting (XSS)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Anurag Bhoir" + } + ], + "source": { + "discovery": "EXTERNAL" + } } \ No newline at end of file diff --git a/2022/3xxx/CVE-2022-3070.json b/2022/3xxx/CVE-2022-3070.json index 133e620d173..e5eb6d1243f 100644 --- a/2022/3xxx/CVE-2022-3070.json +++ b/2022/3xxx/CVE-2022-3070.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-3070", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2022-3070", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Generate PDF using Contact Form 7 < 3.6 - Admin+ Stored Cross-Site Scripting" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Generate PDF using Contact Form 7", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "3.6", + "version_value": "3.6" + } + ] + } + } + ] + } + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Generate PDF WordPress plugin before 3.6 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed." + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/cd8d71d1-030e-4ad4-866e-75d242883c6c", + "name": "https://wpscan.com/vulnerability/cd8d71d1-030e-4ad4-866e-75d242883c6c" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-79 Cross-Site Scripting (XSS)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Anurag Bhoir" + } + ], + "source": { + "discovery": "EXTERNAL" + } +} diff --git a/2022/3xxx/CVE-2022-3074.json b/2022/3xxx/CVE-2022-3074.json index a6573d96288..edabc6bb51f 100644 --- a/2022/3xxx/CVE-2022-3074.json +++ b/2022/3xxx/CVE-2022-3074.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-3074", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2022-3074", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Slider Hero < 8.4.4 - Admin+ Stored Cross-Site Scripting" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Slider Hero with Animation, Video Background", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "8.4.4", + "version_value": "8.4.4" + } + ] + } + } + ] + } + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Slider Hero WordPress plugin before 8.4.4 does not escape the slider Name, which could allow high-privileged users to perform Cross-Site Scripting attacks." + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/90ebaedc-89df-413f-b22e-753d4dd5e1c3", + "name": "https://wpscan.com/vulnerability/90ebaedc-89df-413f-b22e-753d4dd5e1c3" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-79 Cross-Site Scripting (XSS)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "yuyudhn" + } + ], + "source": { + "discovery": "EXTERNAL" + } +} diff --git a/2022/3xxx/CVE-2022-3076.json b/2022/3xxx/CVE-2022-3076.json index d446c1984ff..bea79f8cd87 100644 --- a/2022/3xxx/CVE-2022-3076.json +++ b/2022/3xxx/CVE-2022-3076.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-3076", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2022-3076", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "CM Download Manager < 2.8.6 - Admin+ Arbitrary File Upload" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "CM Download Manager", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2.8.6", + "version_value": "2.8.6" + } + ] + } + } + ] + } + } + ] } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The CM Download Manager WordPress plugin before 2.8.6 allows high privilege users such as admin to upload arbitrary files by setting the any extension via the plugin's setting, which could be used by admins of multisite blog to upload PHP files for example." + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/d18e695b-4d6e-4ff6-a060-312594a0d2bd", + "name": "https://wpscan.com/vulnerability/d18e695b-4d6e-4ff6-a060-312594a0d2bd" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-434 Unrestricted Upload of File with Dangerous Type", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Mika" + } + ], + "source": { + "discovery": "EXTERNAL" + } } \ No newline at end of file diff --git a/2022/3xxx/CVE-2022-3098.json b/2022/3xxx/CVE-2022-3098.json index 561eac63152..399e8362107 100644 --- a/2022/3xxx/CVE-2022-3098.json +++ b/2022/3xxx/CVE-2022-3098.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-3098", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2022-3098", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Login Block IPs <= 1.0.0 - Arbitrary Setting Update via CSRF" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Login Block IPs", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.0.0", + "version_value": "1.0.0" + } + ] + } + } + ] + } + } + ] } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Login Block IPs WordPress plugin through 1.0.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack" + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/f4fcf41b-c05d-4236-8e67-a52d0f94c80a", + "name": "https://wpscan.com/vulnerability/f4fcf41b-c05d-4236-8e67-a52d0f94c80a" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-352 Cross-Site Request Forgery (CSRF)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Daniel Ruf" + } + ], + "source": { + "discovery": "EXTERNAL" + } } \ No newline at end of file diff --git a/2022/3xxx/CVE-2022-3119.json b/2022/3xxx/CVE-2022-3119.json index 5ac2db5b2a7..2194ea2efbf 100644 --- a/2022/3xxx/CVE-2022-3119.json +++ b/2022/3xxx/CVE-2022-3119.json @@ -1,18 +1,83 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-3119", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2022-3119", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "OAuth client Single Sign On for WordPress < 3.0.4 - Unauthenticated Settings Update to Authentication Bypass" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "OAuth client Single Sign On for WordPress ( OAuth 2.0 SSO )", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "3.0.4", + "version_value": "3.0.4" + } + ] + } + } + ] + } + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The OAuth client Single Sign On WordPress plugin before 3.0.4 does not have authorisation and CSRF when updating its settings, which could allow unauthenticated attackers to update them and change the OAuth endpoints to ones they controls, allowing them to then be authenticated as admin if they know the correct email address" + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/55b83cee-a8a5-4f9d-a976-a3eed9a558e5", + "name": "https://wpscan.com/vulnerability/55b83cee-a8a5-4f9d-a976-a3eed9a558e5" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-287 Improper Authentication", + "lang": "eng" + } + ] + }, + { + "description": [ + { + "value": "CWE-352 Cross-Site Request Forgery (CSRF)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Lana Codes" + } + ], + "source": { + "discovery": "EXTERNAL" + } +} diff --git a/2022/3xxx/CVE-2022-3135.json b/2022/3xxx/CVE-2022-3135.json index 7d4c28f38c3..0e52af99f84 100644 --- a/2022/3xxx/CVE-2022-3135.json +++ b/2022/3xxx/CVE-2022-3135.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-3135", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2022-3135", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "SEO Smart Links <= 3.0.1 - Admin+ Stored Cross-Site Scripting" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "SEO Smart Links", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "3.0.1", + "version_value": "3.0.1" + } + ] + } + } + ] + } + } + ] } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SEO Smart Links WordPress plugin through 3.0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/3505481d-141a-4516-bdbb-d4dad4e1eb01", + "name": "https://wpscan.com/vulnerability/3505481d-141a-4516-bdbb-d4dad4e1eb01" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-79 Cross-Site Scripting (XSS)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Fjowel" + } + ], + "source": { + "discovery": "EXTERNAL" + } } \ No newline at end of file