nvd-json-data-feeds/CVE-2021/CVE-2021-244xx/CVE-2021-24490.json

{
  "id": "CVE-2021-24490",
  "sourceIdentifier": "contact@wpscan.com",
  "published": "2021-09-13T18:15:14.353",
  "lastModified": "2021-09-23T13:51:21.463",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "The Email Artillery (MASS EMAIL) WordPress plugin through 4.1 does not properly check the uploaded files from the Import Emails feature, allowing arbitrary files to be uploaded. Furthermore, the plugin is also lacking any CSRF check, allowing such issue to be exploited via a CSRF attack as well. However, due to the presence of a .htaccess, denying access to everything in the folder the file is uploaded to, the malicious uploaded file will only be accessible on Web Servers such as Nginx/IIS"
    },
    {
      "lang": "es",
      "value": "El plugin Email Artillery de WordPress (MASS EMAIL) versiones hasta 4.1 no comprueba apropiadamente los archivos subidos desde la funcionalidad Import Emails, permitiendo que sean subidos archivos arbitrarios. Adem\u00e1s, el plugin tambi\u00e9n carece de cualquier comprobaci\u00f3n de tipo CSRF, permitiendo que este problema sea explotado tambi\u00e9n por medio de un ataque de tipo CSRF. Sin embargo, debido a la presencia de un .htaccess, denegando el acceso a todo lo que se presenta en la carpeta a la que es subido el archivo, el archivo malicioso subido s\u00f3lo ser\u00e1 accesible en servidores web como Nginx/IIS"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "HIGH",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 0.9,
        "impactScore": 5.9
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "SINGLE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.0
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 6.8,
        "impactScore": 6.4,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": true
      }
    ]
  },
  "weaknesses": [
    {
      "source": "contact@wpscan.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-352"
        },
        {
          "lang": "en",
          "value": "CWE-434"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:email_artillery_project:email_artillery:*:*:*:*:*:wordpress:*:*",
              "versionEndIncluding": "4.1",
              "matchCriteriaId": "BFC5C644-ADFB-4EE1-9BC4-5341468E607A"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://wpscan.com/vulnerability/4ea0127e-afef-41bf-a005-c57432f9f58c",
      "source": "contact@wpscan.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    }
  ]
}