From e7b8fc9398aa8b98b4fc47c1e90b00eee90a02c4 Mon Sep 17 00:00:00 2001 From: erwanlr Date: Mon, 11 Oct 2021 12:44:34 +0200 Subject: [PATCH] Adds CVEs --- 2021/24xxx/CVE-2021-24545.json | 89 ++++++++++++++++++++++++------ 2021/24xxx/CVE-2021-24546.json | 89 ++++++++++++++++++++++++------ 2021/24xxx/CVE-2021-24563.json | 89 ++++++++++++++++++++++++------ 2021/24xxx/CVE-2021-24576.json | 89 ++++++++++++++++++++++++------ 2021/24xxx/CVE-2021-24577.json | 89 ++++++++++++++++++++++++------ 2021/24xxx/CVE-2021-24651.json | 89 ++++++++++++++++++++++++------ 2021/24xxx/CVE-2021-24656.json | 89 ++++++++++++++++++++++++------ 2021/24xxx/CVE-2021-24681.json | 89 ++++++++++++++++++++++++------ 2021/24xxx/CVE-2021-24683.json | 89 ++++++++++++++++++++++++------ 2021/24xxx/CVE-2021-24690.json | 89 ++++++++++++++++++++++++------ 2021/24xxx/CVE-2021-24691.json | 89 ++++++++++++++++++++++++------ 2021/24xxx/CVE-2021-24709.json | 89 ++++++++++++++++++++++++------ 2021/24xxx/CVE-2021-24711.json | 94 ++++++++++++++++++++++++++------ 2021/24xxx/CVE-2021-24712.json | 89 ++++++++++++++++++++++++------ 2021/24xxx/CVE-2021-24719.json | 97 +++++++++++++++++++++++++++------ 2021/24xxx/CVE-2021-24720.json | 99 ++++++++++++++++++++++++++++------ 2021/24xxx/CVE-2021-24737.json | 89 ++++++++++++++++++++++++------ 17 files changed, 1264 insertions(+), 272 deletions(-) diff --git a/2021/24xxx/CVE-2021-24545.json b/2021/24xxx/CVE-2021-24545.json index 4446ffd65b2..96f9e3e5bf2 100644 --- a/2021/24xxx/CVE-2021-24545.json +++ b/2021/24xxx/CVE-2021-24545.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-24545", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-24545", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "WP HTML Author Bio <= 1.2.0 - Author+ Stored Cross-Site Scripting" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "WP HTML Author Bio", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.2.0", + "version_value": "1.2.0" + } + ] + } + } + ] + } + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The WP HTML Author Bio WordPress plugin through 1.2.0 does not sanitise the HTML allowed in the Bio of users, allowing them to use malicious JavaScript code, which will be executed when anyone visit a post in the frontend made by such user. As a result, user with a role as low as author could perform Cross-Site Scripting attacks against users, which could potentially lead to privilege escalation when an admin view the related post/s." + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/64267134-9d8c-4e0c-b24f-d18692a5775e", + "name": "https://wpscan.com/vulnerability/64267134-9d8c-4e0c-b24f-d18692a5775e" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-79 Cross-site Scripting (XSS)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Veshraj Ghimire" + } + ], + "source": { + "discovery": "EXTERNAL" + } +} diff --git a/2021/24xxx/CVE-2021-24546.json b/2021/24xxx/CVE-2021-24546.json index 78ec5e614b3..d49f653a118 100644 --- a/2021/24xxx/CVE-2021-24546.json +++ b/2021/24xxx/CVE-2021-24546.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-24546", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-24546", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "EditorsKit < 1.31.6 - Contributor+ Arbitrary PHP Code Execution" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Gutenberg Block Editor Toolkit – EditorsKit", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "1.31.6", + "version_value": "1.31.6" + } + ] + } + } + ] + } + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Gutenberg Block Editor Toolkit – EditorsKit WordPress plugin before 1.31.6 does not sanitise and validate the Conditional Logic of the Custom Visibility settings, allowing users with a role as low contributor to execute Arbitrary PHP code" + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/bdc36f6a-682d-4d66-b587-92e86085d971", + "name": "https://wpscan.com/vulnerability/bdc36f6a-682d-4d66-b587-92e86085d971" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-94 Improper Control of Generation of Code ('Code Injection')", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "bl4derunner" + } + ], + "source": { + "discovery": "EXTERNAL" + } +} diff --git a/2021/24xxx/CVE-2021-24563.json b/2021/24xxx/CVE-2021-24563.json index c5d898a8253..bdbcd0d6205 100644 --- a/2021/24xxx/CVE-2021-24563.json +++ b/2021/24xxx/CVE-2021-24563.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-24563", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-24563", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Frontend Uploader <= 1.3.2 - Unauthenticated Stored Cross-Site Scripting" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Frontend Uploader", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.3.2", + "version_value": "1.3.2" + } + ] + } + } + ] + } + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Frontend Uploader WordPress plugin through 1.3.2 does not prevent HTML files from being uploaded via its form, allowing unauthenticated user to upload a malicious HTML file containing JavaScript for example, which will be triggered when someone access the file directly" + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/e53ef41e-a176-4d00-916a-3a03835370f1", + "name": "https://wpscan.com/vulnerability/e53ef41e-a176-4d00-916a-3a03835370f1" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-79 Cross-site Scripting (XSS)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Veshraj Ghimire" + } + ], + "source": { + "discovery": "EXTERNAL" + } +} diff --git a/2021/24xxx/CVE-2021-24576.json b/2021/24xxx/CVE-2021-24576.json index 69d3644c7d1..f5ea44bc4b3 100644 --- a/2021/24xxx/CVE-2021-24576.json +++ b/2021/24xxx/CVE-2021-24576.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-24576", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-24576", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Easy Accordion < 2.0.22 - Authenticated Stored XSS" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Easy Accordion – Best Accordion FAQ Plugin for WordPress", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2.0.22", + "version_value": "2.0.22" + } + ] + } + } + ] + } + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Easy Accordion WordPress plugin before 2.0.22 does not properly sanitize inputs when adding new items to an accordion." + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/4d0c60d1-db5a-4c4f-9bdb-669975ac7210", + "name": "https://wpscan.com/vulnerability/4d0c60d1-db5a-4c4f-9bdb-669975ac7210" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-79 Cross-site Scripting (XSS)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Asif Nawaz Minhas" + } + ], + "source": { + "discovery": "EXTERNAL" + } +} diff --git a/2021/24xxx/CVE-2021-24577.json b/2021/24xxx/CVE-2021-24577.json index b07086b5ece..c3e8a7b0665 100644 --- a/2021/24xxx/CVE-2021-24577.json +++ b/2021/24xxx/CVE-2021-24577.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-24577", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-24577", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Coming Soon and Maintenance Mode < 3.5.3 - Authenticated Stored XSS" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Coming soon and Maintenance mode", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "3.5.3", + "version_value": "3.5.3" + } + ] + } + } + ] + } + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Coming soon and Maintenance mode WordPress plugin before 3.5.3 does not properly sanitize inputs submitted by authenticated users when setting adding or modifying coming soon or maintenance mode pages, leading to stored XSS." + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/d453b547-41a8-4a6b-8349-8686b7054805", + "name": "https://wpscan.com/vulnerability/d453b547-41a8-4a6b-8349-8686b7054805" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-79 Cross-site Scripting (XSS)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Asif Nawaz Minhas" + } + ], + "source": { + "discovery": "EXTERNAL" + } +} diff --git a/2021/24xxx/CVE-2021-24651.json b/2021/24xxx/CVE-2021-24651.json index cfe3caba3e6..604070ad61f 100644 --- a/2021/24xxx/CVE-2021-24651.json +++ b/2021/24xxx/CVE-2021-24651.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-24651", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-24651", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Poll Maker < 3.4.2 - Unauthenticated Time Based SQL Injection" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Poll Maker", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "3.4.2", + "version_value": "3.4.2" + } + ] + } + } + ] + } + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Poll Maker WordPress plugin before 3.4.2 allows unauthenticated users to perform SQL injection via the ays_finish_poll AJAX action. While the result is not disclosed in the response, it is possible to use a timing attack to exfiltrate data such as password hash." + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/24f933b0-ad57-4ed3-817d-d637256e2fb1", + "name": "https://wpscan.com/vulnerability/24f933b0-ad57-4ed3-817d-d637256e2fb1" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-89 SQL Injection", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "apple502j" + } + ], + "source": { + "discovery": "EXTERNAL" + } +} diff --git a/2021/24xxx/CVE-2021-24656.json b/2021/24xxx/CVE-2021-24656.json index 0456888b6b7..da441688ceb 100644 --- a/2021/24xxx/CVE-2021-24656.json +++ b/2021/24xxx/CVE-2021-24656.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-24656", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-24656", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Simple Social Media Share Buttons < 3.2.4 - Authenticated Stored Cross-Site Scripting" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Simple Social Media Share Buttons – Social Sharing for Everyone", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "3.2.4", + "version_value": "3.2.4" + } + ] + } + } + ] + } + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Simple Social Media Share Buttons WordPress plugin before 3.2.4 does not escape the Share Title settings before outputting it in the frontend pages or posts (depending on the settings used), allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed." + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/8e897dcc-6e52-440b-83ad-b119c55751c7", + "name": "https://wpscan.com/vulnerability/8e897dcc-6e52-440b-83ad-b119c55751c7" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-79 Cross-site Scripting (XSS)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Asif Nawaz Minhas" + } + ], + "source": { + "discovery": "EXTERNAL" + } +} diff --git a/2021/24xxx/CVE-2021-24681.json b/2021/24xxx/CVE-2021-24681.json index 8e07eba075b..6c08f3d917f 100644 --- a/2021/24xxx/CVE-2021-24681.json +++ b/2021/24xxx/CVE-2021-24681.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-24681", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-24681", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Duplicate Page <= 4.4.2 - Admin+ Stored Cross-Site Scripting" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Duplicate Page", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "4.4.2", + "version_value": "4.4.2" + } + ] + } + } + ] + } + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Duplicate Page WordPress plugin through 4.4.2 does not sanitise or escape the Duplicate Post Suffix settings before outputting it, which could allow high privilege users to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed." + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/9ebdd1df-1d6f-4399-8b0f-77a79f841464", + "name": "https://wpscan.com/vulnerability/9ebdd1df-1d6f-4399-8b0f-77a79f841464" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-79 Cross-site Scripting (XSS)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Nikhil Kapoor from EsecForte" + } + ], + "source": { + "discovery": "EXTERNAL" + } +} diff --git a/2021/24xxx/CVE-2021-24683.json b/2021/24xxx/CVE-2021-24683.json index 358b2720e2c..b55c0e2a2c4 100644 --- a/2021/24xxx/CVE-2021-24683.json +++ b/2021/24xxx/CVE-2021-24683.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-24683", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-24683", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Weather Effect < 1.3.4 - CSRF to Stored Cross-Site Scripting" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Weather Effect – Christmas Santa Snow Falling", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "1.3.4", + "version_value": "1.3.4" + } + ] + } + } + ] + } + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Weather Effect WordPress plugin before 1.3.4 does not have any CSRF checks in place when saving its settings, and do not validate or escape them, which could lead to Stored Cross-Site Scripting issue." + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/54f95b51-5804-4bee-9e4a-f73b8ef9bbd5", + "name": "https://wpscan.com/vulnerability/54f95b51-5804-4bee-9e4a-f73b8ef9bbd5" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-352 Cross-Site Request Forgery (CSRF)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "apple502j" + } + ], + "source": { + "discovery": "EXTERNAL" + } +} diff --git a/2021/24xxx/CVE-2021-24690.json b/2021/24xxx/CVE-2021-24690.json index d412f1f43e8..6213a17514d 100644 --- a/2021/24xxx/CVE-2021-24690.json +++ b/2021/24xxx/CVE-2021-24690.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-24690", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-24690", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Chained Quiz < 1.2.7.2 - Authenticated Stored Cross Site Scripting" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Chained Quiz", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "1.2.7.2", + "version_value": "1.2.7.2" + } + ] + } + } + ] + } + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Chained Quiz WordPress plugin before 1.2.7.2 does not properly sanitize or escape inputs in the plugin's settings." + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/b2f473b4-268c-48b7-95e8-0a8eeaa3fc28", + "name": "https://wpscan.com/vulnerability/b2f473b4-268c-48b7-95e8-0a8eeaa3fc28" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-79 Cross-site Scripting (XSS)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Shivam Rai" + } + ], + "source": { + "discovery": "EXTERNAL" + } +} diff --git a/2021/24xxx/CVE-2021-24691.json b/2021/24xxx/CVE-2021-24691.json index 74fb56a43cd..74c51776591 100644 --- a/2021/24xxx/CVE-2021-24691.json +++ b/2021/24xxx/CVE-2021-24691.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-24691", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-24691", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Quiz And Survey Master < 7.3.2 - Admin+ Stored Cross-Site Scripting " + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "7.3.2", + "version_value": "7.3.2" + } + ] + } + } + ] + } + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Quiz And Survey Master WordPress plugin before 7.3.2 does not escape the Quiz Url Slug setting before outputting it in some pages, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed" + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/ecf6a082-b563-42c4-9d8c-3757aa6b696f", + "name": "https://wpscan.com/vulnerability/ecf6a082-b563-42c4-9d8c-3757aa6b696f" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-79 Cross-site Scripting (XSS)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Shivam Rai" + } + ], + "source": { + "discovery": "EXTERNAL" + } +} diff --git a/2021/24xxx/CVE-2021-24709.json b/2021/24xxx/CVE-2021-24709.json index ed8a0ee2a80..a85c8761630 100644 --- a/2021/24xxx/CVE-2021-24709.json +++ b/2021/24xxx/CVE-2021-24709.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-24709", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-24709", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Weather Effect < 1.3.6 - Admin+ Stored Cross-Site Scripting" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Weather Effect – Christmas Santa Snow Falling", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "1.3.6", + "version_value": "1.3.6" + } + ] + } + } + ] + } + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Weather Effect WordPress plugin before 1.3.6 does not properly validate and escape some of its settings (like *_size_leaf, *_flakes_leaf, *_speed) which could lead to Stored Cross-Site Scripting issues" + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/df74ed76-af9e-47a8-9a4d-c5c57e9e0f91", + "name": "https://wpscan.com/vulnerability/df74ed76-af9e-47a8-9a4d-c5c57e9e0f91" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-79 Cross-site Scripting (XSS)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "apple502j" + } + ], + "source": { + "discovery": "EXTERNAL" + } +} diff --git a/2021/24xxx/CVE-2021-24711.json b/2021/24xxx/CVE-2021-24711.json index 14adfd72c13..6f18c68a9e5 100644 --- a/2021/24xxx/CVE-2021-24711.json +++ b/2021/24xxx/CVE-2021-24711.json @@ -1,18 +1,80 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-24711", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-24711", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Software License Manager < 4.5.1 - Arbitrary Domain Deletion via CSRF" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Software License Manager", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "4.5.1", + "version_value": "4.5.1" + } + ] + } + } + ] + } + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The del_reistered_domains AJAX action of the Software License Manager WordPress plugin before 4.5.1 does not have any CSRF checks, and is vulnerable to a CSRF attack" + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/3351bc30-e5ff-471f-8d1c-b1bcdf419937", + "name": "https://wpscan.com/vulnerability/3351bc30-e5ff-471f-8d1c-b1bcdf419937" + }, + { + "refsource": "MISC", + "url": "https://jetpack.com/2021/09/14/csrf-vulnerability-found-in-software-license-manager-plugin/", + "name": "https://jetpack.com/2021/09/14/csrf-vulnerability-found-in-software-license-manager-plugin/" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-352 Cross-Site Request Forgery (CSRF)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Harald Eilertsen (JetPack)" + } + ], + "source": { + "discovery": "EXTERNAL" + } +} diff --git a/2021/24xxx/CVE-2021-24712.json b/2021/24xxx/CVE-2021-24712.json index 23d331b4522..c61b5908d5c 100644 --- a/2021/24xxx/CVE-2021-24712.json +++ b/2021/24xxx/CVE-2021-24712.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-24712", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-24712", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Appointment Hour Booking – WordPress Booking Plugin < 1.3.17 - Authenticated Stored XSS" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Appointment Hour Booking – WordPress Booking Plugin", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "1.3.17", + "version_value": "1.3.17" + } + ] + } + } + ] + } + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Appointment Hour Booking WordPress plugin before 1.3.17 does not properly sanitize values used when creating new calendars." + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/e677e51b-0d3f-44a5-9fcd-c159786b9926", + "name": "https://wpscan.com/vulnerability/e677e51b-0d3f-44a5-9fcd-c159786b9926" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-79 Cross-site Scripting (XSS)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Shivam Rai" + } + ], + "source": { + "discovery": "EXTERNAL" + } +} diff --git a/2021/24xxx/CVE-2021-24719.json b/2021/24xxx/CVE-2021-24719.json index 01ee7bcd303..a188924c593 100644 --- a/2021/24xxx/CVE-2021-24719.json +++ b/2021/24xxx/CVE-2021-24719.json @@ -1,18 +1,83 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-24719", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-24719", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Enfold Theme < 4.8.4 - Reflected Cross-Site Scripting (XSS)" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Enfold", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "4.8.4", + "version_value": "4.8.4" + } + ] + } + } + ] + } + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Enfold Enfold WordPress theme before 4.8.4 was vulnerable to Reflected Cross-Site Scripting (XSS). The vulnerability is present on Enfold versions previous than 4.8.4 which use Avia Page Builder." + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/a53e213f-6011-47f8-93e6-aa5ad30e857e", + "name": "https://wpscan.com/vulnerability/a53e213f-6011-47f8-93e6-aa5ad30e857e" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-79 Cross-site Scripting (XSS)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "David Álvarez Robles" + }, + { + "lang": "eng", + "value": "Francisco Díaz-Pache Alonso" + }, + { + "lang": "eng", + "value": "Sergio Corral Cristo" + } + ], + "source": { + "discovery": "EXTERNAL" + } +} diff --git a/2021/24xxx/CVE-2021-24720.json b/2021/24xxx/CVE-2021-24720.json index e92698d74c9..48b9656d071 100644 --- a/2021/24xxx/CVE-2021-24720.json +++ b/2021/24xxx/CVE-2021-24720.json @@ -1,18 +1,85 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-24720", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-24720", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "GeoDirectory < 2.1.1.3 - Authenticated Stored Cross-Site Scripting (XSS)" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Business Directory Plugin | GeoDirectory", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2.1.1.3", + "version_value": "2.1.1.3" + } + ] + } + } + ] + } + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The GeoDirectory Business Directory WordPress plugin before 2.1.1.3 was vulnerable to Authenticated Stored Cross-Site Scripting (XSS)." + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/9de5cc51-f64c-4475-a0f4-d932dc4364a6", + "name": "https://wpscan.com/vulnerability/9de5cc51-f64c-4475-a0f4-d932dc4364a6" + }, + { + "refsource": "MISC", + "url": "https://github.com/BigTiger2020/word-press/blob/main/WrodPress%20Plugin%20GeoDirectory%E2%80%94%E2%80%94Stored%20Cross-Site%20Scripting%20.md", + "name": "https://github.com/BigTiger2020/word-press/blob/main/WrodPress%20Plugin%20GeoDirectory%E2%80%94%E2%80%94Stored%20Cross-Site%20Scripting%20.md" + }, + { + "refsource": "CONFIRM", + "url": "https://plugins.trac.wordpress.org/changeset/2596452/geodirectory", + "name": "https://plugins.trac.wordpress.org/changeset/2596452/geodirectory" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-79 Cross-site Scripting (XSS)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Thinkland Security Team" + } + ], + "source": { + "discovery": "EXTERNAL" + } +} diff --git a/2021/24xxx/CVE-2021-24737.json b/2021/24xxx/CVE-2021-24737.json index 904e4a742ce..d99e3553b8c 100644 --- a/2021/24xxx/CVE-2021-24737.json +++ b/2021/24xxx/CVE-2021-24737.json @@ -1,18 +1,75 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-24737", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-24737", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC", + "TITLE": "Comments - wpDiscuz <= 7.3.0 - Admin+ Stored Cross-Site Scripting" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "generator": "WPScan CVE Generator", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Comments – wpDiscuz", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "7.3.0", + "version_value": "7.3.0" + } + ] + } + } + ] + } + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Comments – wpDiscuz WordPress plugin through 7.3.0 does not properly sanitise or escape the Follow and Unfollow messages before outputting them in the page, which could allow high privilege users to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed." + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/f51a350c-c46d-4d52-b787-762283625d0b", + "name": "https://wpscan.com/vulnerability/f51a350c-c46d-4d52-b787-762283625d0b" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "CWE-79 Cross-site Scripting (XSS)", + "lang": "eng" + } + ] + } + ] + }, + "credit": [ + { + "lang": "eng", + "value": "Phu Tran from techlabcorp.com" + } + ], + "source": { + "discovery": "EXTERNAL" + } +}