nvd-json-data-feeds/CVE-2021/CVE-2021-250xx/CVE-2021-25042.json

{
  "id": "CVE-2021-25042",
  "sourceIdentifier": "contact@wpscan.com",
  "published": "2022-02-28T09:15:08.580",
  "lastModified": "2022-03-08T16:56:54.080",
  "vulnStatus": "Analyzed",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 5.5 does not have authorisation and CSRF checks in the updateIpAddress AJAX action, allowing any authenticated user to call it, or make a logged in user do it via a CSRF attack and add an arbitrary IP address to exclude. Furthermore, due to the lack of validation, sanitisation and escaping, users could set a malicious value and perform Cross-Site Scripting attacks against logged in admin"
    },
    {
      "lang": "es",
      "value": "El plugin WP Visitor Statistics (Real Time Traffic) de WordPress versiones anteriores a 5.5, no presenta comprobaciones de autorizaci\u00f3n y CSRF en la acci\u00f3n AJAX updateIpAddress, permitiendo a cualquier usuario autenticado llamarla, o hacer que un usuario conectado lo haga por medio de un ataque de tipo CSRF y a\u00f1ada una direcci\u00f3n IP arbitraria para excluirla. Adem\u00e1s, debido a una falta de comprobaci\u00f3n, saneo y escape, los usuarios podr\u00edan establecer un valor malicioso y llevar a cabo ataques de tipo Cross-Site Scripting contra el administrador conectado."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "REQUIRED",
          "scope": "CHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "SINGLE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "NONE",
          "baseScore": 3.5
        },
        "baseSeverity": "LOW",
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": true
      }
    ]
  },
  "weaknesses": [
    {
      "source": "contact@wpscan.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-862"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:plugins-market:wp_visitor_statistics_\\(real_time_traffic\\):*:*:*:*:*:wordpress:*:*",
              "versionEndExcluding": "5.5",
              "matchCriteriaId": "4D6E6790-B938-4360-8234-EC9AFADC3689"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://wpscan.com/vulnerability/05b9e478-2d3b-4460-88c1-7f81d3a68ac4",
      "source": "contact@wpscan.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    }
  ]
}