admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2022/3xxx/CVE-2022-3419.json
erwanlr 807950970a Adds CVEs
2022-10-31 17:07:32 +01:00

83 lines
2.0 KiB
JSON
Raw Blame History

{
"CVE_data_meta": {
"ID": "CVE-2022-3419",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Automatic User Roles Switcher < 1.1.2 - Subscriber+ Privilege Escalation"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Automatic User Roles Switcher",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.1.2",
"version_value": "1.1.2"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Automatic User Roles Switcher WordPress plugin before 1.1.2 does not have authorisation and proper CSRF checks, allowing any authenticated users like subscriber to add any role to themselves, such as administrator"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/5909a423-9841-449c-a569-f687c609817b",
"name": "https://wpscan.com/vulnerability/5909a423-9841-449c-a569-f687c609817b"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-269 Improper Privilege Management",
"lang": "eng"
}
]
},
{
"description": [
{
"value": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "WPScan"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
Reference in New Issue View Git Blame Copy Permalink