admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2021/24xxx/CVE-2021-24749.json
erwanlr f98ad16793 Adds CVEs
2021-11-29 09:23:33 +01:00

75 lines
1.9 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"CVE_data_meta": {
"ID": "CVE-2021-24749",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "URL Shortify < 1.5.1 - Arbitrary Link/Group Deletion via CSRF"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "URL Shortify Simple, Powerful and Easy URL Shortener Plugin For WordPress",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.5.1",
"version_value": "1.5.1"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The URL Shortify WordPress plugin before 1.5.1 does not have CSRF check in place when bulk-deleting links or groups, which could allow attackers to make a logged in admin delete arbitrary link and group via a CSRF attack."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/4b4e417d-0ae2-4c3c-81e6-4dcf39eb5697",
"name": "https://wpscan.com/vulnerability/4b4e417d-0ae2-4c3c-81e6-4dcf39eb5697"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "apple502j"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
Reference in New Issue View Git Blame Copy Permalink