admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2022/2xxx/CVE-2022-2377.json
erwanlr 764e011c4a Adds CVEs
2022-08-22 16:50:22 +02:00

83 lines
2.0 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"CVE_data_meta": {
"ID": "CVE-2022-2377",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Directorist < 7.3.0 - Subscriber+ Arbitrary E-mail Sending"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Directorist WordPress Business Directory Plugin with Classified Ads Listings",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "7.3.0",
"version_value": "7.3.0"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Directorist WordPress plugin before 7.3.0 does not have authorisation and CSRF checks in an AJAX action, allowing any authenticated users to send arbitrary emails on behalf of the blog"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/f4e606e9-0664-42fb-a59b-21de306eb530",
"name": "https://wpscan.com/vulnerability/f4e606e9-0664-42fb-a59b-21de306eb530"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-862 Missing Authorization",
"lang": "eng"
}
]
},
{
"description": [
{
"value": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Krzysztof Zając"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
Reference in New Issue View Git Blame Copy Permalink