admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-08 11:37:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

Adds CVEs

Browse Source
This commit is contained in:
erwanlr 2021-08-23 10:17:55 +02:00
parent f87e8808f9
commit cc3f30a9eb
26 changed files with 1963 additions and 394 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
2021/24xxx/CVE-2021-24486.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24486",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Simple Social Media Share Buttons < 3.2.3 - Contributor+ Stored XSS"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Simple Social Media Share Buttons Social Sharing for Everyone",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.2.3",
"version_value": "3.2.3"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Simple Social Media Share Buttons Social Sharing for Everyone WordPress plugin before 3.2.3 did not escape the align and like_button_size parameters of its SSB shortcode, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/324e6b7b-a2ac-4c08-8b97-0967513f7328",
"name": "https://wpscan.com/vulnerability/324e6b7b-a2ac-4c08-8b97-0967513f7328"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "apple502j"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

69
2021/24xxx/CVE-2021-24497.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24497",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Giveaway <= 1.2.2 - Authenticated SQL Injection"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Giveaway",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "1.2.2",
"version_value": "1.2.2"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Giveaway WordPress plugin through 1.2.2 is vulnerable to an SQL Injection issue which allows an administrative user to execute arbitrary SQL commands via the $post_id on the options.php page."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/a1cf08fe-943a-4f14-beb0-25216011b538",
"name": "https://wpscan.com/vulnerability/a1cf08fe-943a-4f14-beb0-25216011b538"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Mesut Cetin"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

69
2021/24xxx/CVE-2021-24506.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24506",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Slider Hero < 8.2.7 - Contributor+ SQL Injection"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Slider Hero with Animation, Video Background & Intro Maker",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "8.2.7",
"version_value": "8.2.7"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Slider Hero with Animation, Video Background & Intro Maker WordPress plugin before 8.2.7 does not sanitise or escape the id attribute of its hero-button shortcode before using it in a SQL statement, allowing users with a role as low as Contributor to perform SQL injection."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/52c8755c-46b9-4383-8c8d-8816f03456b0",
"name": "https://wpscan.com/vulnerability/52c8755c-46b9-4383-8c8d-8816f03456b0"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "apple502j"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

69
2021/24xxx/CVE-2021-24524.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24524",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "GiveWP < 2.12.0 - Authenticated Stored XSS"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "GiveWP Donation Plugin and Fundraising Platform",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.12.0",
"version_value": "2.12.0"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The GiveWP Donation Plugin and Fundraising Platform WordPress plugin before 2.12.0 did not escape the Donation Level setting of its Donation Forms, allowing high privilege users to use Cross-Site Scripting payloads in them."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/5a4774ec-c0ee-4c6b-92a6-fa10821ec336",
"name": "https://wpscan.com/vulnerability/5a4774ec-c0ee-4c6b-92a6-fa10821ec336"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Asif Nawaz Minhas"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

69
2021/24xxx/CVE-2021-24529.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24529",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Grid Gallery < 1.2.5 - Authenticated Stored Cross Site Scripting (XSS)"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Grid Gallery Photo Image Grid Gallery",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.2.5",
"version_value": "1.2.5"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Grid Gallery Photo Image Grid Gallery WordPress plugin before 1.2.5 does not properly sanitize the title field for image galleries when adding them via the admin dashboard, resulting in an authenticated Stored Cross-Site Scripting vulnerability."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/8953d931-19f9-4b73-991c-9c48db1af8b5",
"name": "https://wpscan.com/vulnerability/8953d931-19f9-4b73-991c-9c48db1af8b5"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Amal E Thamban"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

74
2021/24xxx/CVE-2021-24531.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24531",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Charitable Donation Plugin < 1.6.51 - Authenticated Stored Cross-Site Scripting (XSS)"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Charitable Donation Plugin",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.6.51",
"version_value": "1.6.51"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Charitable Donation Plugin WordPress plugin before 1.6.51 is affected by an authenticated stored cross-site scripting vulnerability which was found in the add donation feature."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/a5837621-ee6e-4876-9f65-82658fc0341f",
"name": "https://wpscan.com/vulnerability/a5837621-ee6e-4876-9f65-82658fc0341f"
},
{
"refsource": "MISC",
"url": "https://www.wpcharitable.com/release-notes-1-6-51/",
"name": "https://www.wpcharitable.com/release-notes-1-6-51/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Muhammad Daffa"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

69
2021/24xxx/CVE-2021-24533.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24533",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Maintenance < 4.03 - Authenticated Stored XSS"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Maintenance",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.03",
"version_value": "4.03"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Maintenance WordPress plugin before 4.03 does not sanitise or escape some of its settings, allowing high privilege users such as admin to se Cross-Site Scripting payload in them (even when the unfiltered_html capability is disallowed), which will be triggered in the frontend"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/174b2119-b806-4da4-a23d-c19b552c86cb",
"name": "https://wpscan.com/vulnerability/174b2119-b806-4da4-a23d-c19b552c86cb"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Emil kylander"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

69
2021/24xxx/CVE-2021-24547.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24547",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "KN Fix Your Title <= 1.0.1 - Authenticated Stored XSS"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "KN Fix Your Title",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "1.0.1",
"version_value": "1.0.1"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The KN Fix Your Title WordPress plugin through 1.0.1 was vulnerable to Authenticated Stored XSS in the separator field."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/faaeb685-ea02-4a5a-ac5f-87081efe94e0",
"name": "https://wpscan.com/vulnerability/faaeb685-ea02-4a5a-ac5f-87081efe94e0"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Aakash Choudhary"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

74
2021/24xxx/CVE-2021-24549.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24549",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "AceIDE <= 2.6.2 - Authenticated (admin+) Arbitrary File Access"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "AceIDE",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.6.2",
"version_value": "2.6.2"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The AceIDE WordPress plugin through 2.6.2 does not sanitise or validate the user input which is appended to system paths before using it in various actions, such as to read arbitrary files from the server. This allows high privilege users such as administrator to access any file on the web server outside of the blog directory via a path traversal attack."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/c594abaf-b152-448c-8a20-9b3267fe547a",
"name": "https://wpscan.com/vulnerability/c594abaf-b152-448c-8a20-9b3267fe547a"
},
{
"refsource": "MISC",
"url": "https://codevigilant.com/disclosure/2021/wp-plugin-aceide/",
"name": "https://codevigilant.com/disclosure/2021/wp-plugin-aceide/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Shreya Pohekar of Codevigilant Project"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

74
2021/24xxx/CVE-2021-24550.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24550",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Broken Link Manager <= 0.6.5 - Authenticated (admin+) SQL Injection"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Broken Link Manager",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0.6.5",
"version_value": "0.6.5"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Broken Link Manager WordPress plugin through 0.6.5 does not sanitise, validate or escape the url GET parameter before using it in a SQL statement when retrieving an URL to edit, leading to an authenticated SQL injection issue"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/1bf65448-689c-474d-a566-c9b6797d3e4a",
"name": "https://wpscan.com/vulnerability/1bf65448-689c-474d-a566-c9b6797d3e4a"
},
{
"refsource": "MISC",
"url": "https://codevigilant.com/disclosure/2021/wp-plugin-broken-link-manager/",
"name": "https://codevigilant.com/disclosure/2021/wp-plugin-broken-link-manager/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Shreya Pohekar of Codevigilant Project"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

74
2021/24xxx/CVE-2021-24551.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24551",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Edit Comments <= 0.3 - Unauthenticated SQL Injection"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Edit Comments",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0.3",
"version_value": "0.3"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Edit Comments WordPress plugin through 0.3 does not sanitise, validate or escape the jal_edit_comments GET parameter before using it in a SQL statement, leading to a SQL injection issue"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/e62fb8db-384f-4384-ad24-e10eb9058ed5",
"name": "https://wpscan.com/vulnerability/e62fb8db-384f-4384-ad24-e10eb9058ed5"
},
{
"refsource": "MISC",
"url": "https://codevigilant.com/disclosure/2021/wp-plugin-edit-comments/",
"name": "https://codevigilant.com/disclosure/2021/wp-plugin-edit-comments/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Shreya Pohekar of Codevigilant Project"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

74
2021/24xxx/CVE-2021-24552.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24552",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Simple Events Calendar <= 1.4.0 - Authenticated (admin+) SQL Injection"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Simple Events Calendar",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "1.4.0",
"version_value": "1.4.0"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Simple Events Calendar WordPress plugin through 1.4.0 does not sanitise, validate or escape the event_id POST parameter before using it in a SQL statement when deleting events, leading to an authenticated SQL injection issue"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/3482a015-a5ed-4913-b516-9eae2b3f89db",
"name": "https://wpscan.com/vulnerability/3482a015-a5ed-4913-b516-9eae2b3f89db"
},
{
"refsource": "MISC",
"url": "https://codevigilant.com/disclosure/2021/wp-plugin-simple-events-calendar/",
"name": "https://codevigilant.com/disclosure/2021/wp-plugin-simple-events-calendar/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Shreya Pohekar of Codevigilant Project"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

74
2021/24xxx/CVE-2021-24553.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24553",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Timeline Calendar <= 1.2 - Authenticated (admin+) SQL Injection"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Timeline Calendar",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "1.2",
"version_value": "1.2"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Timeline Calendar WordPress plugin through 1.2 does not sanitise, validate or escape the edit GET parameter before using it in a SQL statement when editing events, leading to an authenticated SQL injection issue. Other SQL Injections are also present in the plugin"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/14c75a00-a52b-430b-92da-5145e5aee30a",
"name": "https://wpscan.com/vulnerability/14c75a00-a52b-430b-92da-5145e5aee30a"
},
{
"refsource": "MISC",
"url": "https://codevigilant.com/disclosure/2021/wp-plugin-timeline-calendar/",
"name": "https://codevigilant.com/disclosure/2021/wp-plugin-timeline-calendar/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Shreya Pohekar of Codevigilant Project"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

74
2021/24xxx/CVE-2021-24554.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24554",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Paytm - Donation Plugin <= 1.3.2 - Authenticated (admin+) SQL Injection"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Paytm Donation Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "1.3.2",
"version_value": "1.3.2"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Paytm Donation Plugin WordPress plugin through 1.3.2 does not sanitise, validate or escape the id GET parameter before using it in a SQL statement when deleting donations, leading to an authenticated SQL injection issue"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/f2842ac8-76fa-4490-aa0c-5f2b07ecf2ad",
"name": "https://wpscan.com/vulnerability/f2842ac8-76fa-4490-aa0c-5f2b07ecf2ad"
},
{
"refsource": "MISC",
"url": "https://codevigilant.com/disclosure/2021/wp-plugin-wp-paytm-pay/",
"name": "https://codevigilant.com/disclosure/2021/wp-plugin-wp-paytm-pay/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Shreya Pohekar of Codevigilant Project"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

74
2021/24xxx/CVE-2021-24555.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24555",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Diary & Availability Calendar <= 1.0.3 - Authenticated (subscriber+) SQL Injection"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Diary & Availability Calendar",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "1.0.3",
"version_value": "1.0.3"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The daac_delete_booking_callback function, hooked to the daac_delete_booking AJAX action, takes the id POST parameter which is passed into the SQL statement without proper sanitisation, validation or escaping, leading to a SQL Injection issue. Furthermore, the ajax action is lacking any CSRF and capability check, making it available to any authenticated user."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/8eafd84b-6214-450b-869b-0afe7cca4c5f",
"name": "https://wpscan.com/vulnerability/8eafd84b-6214-450b-869b-0afe7cca4c5f"
},
{
"refsource": "MISC",
"url": "https://codevigilant.com/disclosure/2021/wp-plugin-diary-availability-calendar/",
"name": "https://codevigilant.com/disclosure/2021/wp-plugin-diary-availability-calendar/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Shreya Pohekar of Codevigilant Project"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

74
2021/24xxx/CVE-2021-24556.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24556",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Email Subscriber <= 1.1 - Unauthenticated Stored Cross-Site Scripting (XSS)"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Email Subscriber",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "1.1",
"version_value": "1.1"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The kento_email_subscriber_ajax AJAX action of the Email Subscriber WordPress plugin through 1.1, does not properly sanitise, validate and escape the submitted subscribe_email and subscribe_name POST parameters, inserting them in the DB and then outputting them back in the Subscriber list (/wp-admin/edit.php?post_type=kes_campaign&page=kento_email_subscriber_list_settings), leading a Stored XSS issue."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/f050aedc-f79f-4b27-acac-0cdb33b25af8",
"name": "https://wpscan.com/vulnerability/f050aedc-f79f-4b27-acac-0cdb33b25af8"
},
{
"refsource": "MISC",
"url": "https://codevigilant.com/disclosure/2021/wp-plugin-email-subscriber/",
"name": "https://codevigilant.com/disclosure/2021/wp-plugin-email-subscriber/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Shreya Pohekar of Codevigilant Project"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

74
2021/24xxx/CVE-2021-24557.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24557",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "M-vSlider <= 2.1.3 - Authenticated (admin+) SQL Injection"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "M-vSlider",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.1.3",
"version_value": "2.1.3"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The update functionality in the rslider_page uses an rs_id POST parameter which is not validated, sanitised or escaped before being inserted in sql query, therefore leading to SQL injection for users having Administrator role."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/8b8e41e8-5a40-4062-b5b7-3b01b1a709ef",
"name": "https://wpscan.com/vulnerability/8b8e41e8-5a40-4062-b5b7-3b01b1a709ef"
},
{
"refsource": "MISC",
"url": "https://codevigilant.com/disclosure/2021/wp-plugin-m-vslider/",
"name": "https://codevigilant.com/disclosure/2021/wp-plugin-m-vslider/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Shreya Pohekar of Codevigilant Project"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

74
2021/24xxx/CVE-2021-24558.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24558",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Project Status <= 1.6 - Reflected Cross-Site Scripting (XSS)"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Project Status",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "1.6",
"version_value": "1.6"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The pspin_duplicate_post_save_as_new_post function of the Project Status WordPress plugin through 1.6 does not sanitise, validate or escape the post GET parameter passed to it before outputting it in an error message when the related post does not exist, leading to a reflected XSS issue"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/ca5f2152-fcfd-492d-a552-f9604011beff",
"name": "https://wpscan.com/vulnerability/ca5f2152-fcfd-492d-a552-f9604011beff"
},
{
"refsource": "MISC",
"url": "https://codevigilant.com/disclosure/2021/wp-plugin-project-status/",
"name": "https://codevigilant.com/disclosure/2021/wp-plugin-project-status/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Shreya Pohekar of Codevigilant Project"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

74
2021/24xxx/CVE-2021-24561.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24561",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "WP SMS < 5.4.13 - Authenticated Stored Cross-Site Scripting"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WP SMS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5.4.13",
"version_value": "5.4.13"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The WP SMS WordPress plugin before 5.4.13 does not sanitise the \"wp_group_name\" parameter before outputting it back in the \"Groups\" page, leading to an Authenticated Stored Cross-Site Scripting issue"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/5433ef4c-4451-4b6e-992b-69c5eccabf90",
"name": "https://wpscan.com/vulnerability/5433ef4c-4451-4b6e-992b-69c5eccabf90"
},
{
"refsource": "CONFIRM",
"url": "https://plugins.trac.wordpress.org/changeset/2570762/wp-sms",
"name": "https://plugins.trac.wordpress.org/changeset/2570762/wp-sms"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Muhammad Daffa"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

74
2021/24xxx/CVE-2021-24562.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24562",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "LifterLMS < 4.21.2 - Access Other Student Grades/Answers via IDOR"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "LMS by LifterLMS Online Course, Membership & Learning Management System Plugin for WordPress",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.21.2",
"version_value": "4.21.2"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The LMS by LifterLMS Online Course, Membership & Learning Management System Plugin for WordPress plugin before 4.21.2 was affected by an IDOR issue, allowing students to see other student answers and grades"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/d45bb744-4a0d-4af0-aa16-71f7e3ea6e00",
"name": "https://wpscan.com/vulnerability/d45bb744-4a0d-4af0-aa16-71f7e3ea6e00"
},
{
"refsource": "MISC",
"url": "https://make.lifterlms.com/2021/05/17/lifterlms-version-4-21-2/",
"name": "https://make.lifterlms.com/2021/05/17/lifterlms-version-4-21-2/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Amirmuhammad vakili"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

69
2021/24xxx/CVE-2021-24564.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24564",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "WPFront Scroll Top < 2.0.6.07225 - Authenticated Stored XSS"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WPFront Scroll Top",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0.6.07225",
"version_value": "2.0.6.07225"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The WPFront Scroll Top WordPress plugin before 2.0.6.07225 does not sanitise or escape its Image ALT setting before outputting it attributes, leading to an Authenticated Stored Cross-Site Scripting issues even when the unfiltered_html capability is disallowed."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/b25af0e1-392f-4305-ad44-50e64ef3dbdf",
"name": "https://wpscan.com/vulnerability/b25af0e1-392f-4305-ad44-50e64ef3dbdf"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Asif Nawaz Minhas"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

82
2021/24xxx/CVE-2021-24565.json
View File

@ -1,18 +1,88 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24565",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Contact Form 7 Captcha < 0.0.9 - CSRF to Stored XSS"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Contact Form 7 Captcha",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0.0.9",
"version_value": "0.0.9"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Contact Form 7 Captcha WordPress plugin before 0.0.9 does not have any CSRF check in place when saving its settings, allowing attacker to make a logged in user with the manage_options change them. Furthermore, the settings are not escaped when output in attributes, leading to a Stored Cross-Site Scripting issue."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/97bfef5e-2ee0-491a-a931-4f44c83e5be0",
"name": "https://wpscan.com/vulnerability/97bfef5e-2ee0-491a-a931-4f44c83e5be0"
},
{
"refsource": "CONFIRM",
"url": "https://plugins.trac.wordpress.org/changeset/2570402",
"name": "https://plugins.trac.wordpress.org/changeset/2570402"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
},
{
"description": [
{
"value": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "dc11"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

69
2021/24xxx/CVE-2021-24571.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24571",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "HD Quiz < 1.8.4 - Authenticated Stored XSS"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "HD Quiz",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.8.4",
"version_value": "1.8.4"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The HD Quiz WordPress plugin before 1.8.4 does not escape some of its Answers before outputting them in attribute when generating the Quiz, which could lead to Stored Cross-Site Scripting issues"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/377fd65f-3a8c-4f7a-9e40-046d52ec0eef",
"name": "https://wpscan.com/vulnerability/377fd65f-3a8c-4f7a-9e40-046d52ec0eef"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Authenticated Stored XSS"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

74
2021/24xxx/CVE-2021-24574.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24574",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Simple Banner < 2.10.4 - Authenticated Stored XSS"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Simple Banner",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.10.4",
"version_value": "2.10.4"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Simple Banner WordPress plugin before 2.10.4 does not sanitise and escape one of its settings, allowing high privilege users such as admin to use Cross-Site Scripting payload even when the unfiltered_html capability is disallowed."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/9adf7022-5108-43b7-bf0e-a42593185b74",
"name": "https://wpscan.com/vulnerability/9adf7022-5108-43b7-bf0e-a42593185b74"
},
{
"refsource": "CONFIRM",
"url": "https://plugins.trac.wordpress.org/changeset/2571047/",
"name": "https://plugins.trac.wordpress.org/changeset/2571047/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Asif Nawaz Minhas"
}
],
"source": {
"discovery": "UNKNOWN"
}
}

68
2021/24xxx/CVE-2021-24602.json
View File

@ -1,18 +1,74 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24602",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "HM Multiple Roles < 1.3 - Arbitrary Role Change"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "HM Multiple Roles",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.3",
"version_value": "1.3"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The HM Multiple Roles WordPress plugin before 1.3 does not have any access control to prevent low privilege users to set themselves as admin via their profile page"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/5fd2548a-08de-4417-bff1-f174dab718d5",
"name": "https://wpscan.com/vulnerability/5fd2548a-08de-4417-bff1-f174dab718d5"
},
{
"refsource": "MISC",
"url": "https://jetpack.com/2021/08/05/privilege-escalation-in-hm-multiple-roles-wordpress-plugin/",
"name": "https://jetpack.com/2021/08/05/privilege-escalation-in-hm-multiple-roles-wordpress-plugin/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-269 Improper Privilege Management",
"lang": "eng"
}
]
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

74
2021/24xxx/CVE-2021-24658.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24658",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Erident Custom Login and Dashboard < 3.5.9 - Authenticated Stored Cross-Site Scripting (XSS)"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Libin V Babu",
"product": {
"product_data": [
{
"product_name": "Erident Custom Login and Dashboard",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.5.9",
"version_value": "3.5.9"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Erident Custom Login and Dashboard WordPress plugin before 3.5.9 did not properly sanitise its settings, allowing high privilege users to use XSS payloads in them (even when the unfileted_html is disabled)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/ec70f02b-02a1-4511-949e-68f2d9d37ca8",
"name": "https://wpscan.com/vulnerability/ec70f02b-02a1-4511-949e-68f2d9d37ca8"
},
{
"refsource": "CONFIRM",
"url": "https://plugins.trac.wordpress.org/changeset/2507516",
"name": "https://plugins.trac.wordpress.org/changeset/2507516"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "James Calver (Bulletproof Cyber)"
}
],
"source": {
"discovery": "UNKNOWN"
}
}