CVE-2021-24340

{"id": "CVE-2021-24340", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2021-06-07T11:15:16.677", "references": [{"url": "https://wpscan.com/vulnerability/d2970cfb-0aa9-4516-9a4b-32971f41a19c", "tags": ["Exploit", "Third Party Advisory"], "source": "contact@wpscan.com"}, {"url": "https://www.wordfence.com/blog/2021/05/over-600000-sites-impacted-by-wp-statistics-patch/", "tags": ["Exploit", "Third Party Advisory"], "source": "contact@wpscan.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "contact@wpscan.com", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "The WP Statistics WordPress plugin before 13.0.8 relied on using the WordPress esc_sql() function on a field not delimited by quotes and did not first prepare the query. Additionally, the page, which should have been accessible to administrator only, was also available to any visitor, including unauthenticated ones."}, {"lang": "es", "value": "El plugin WP Statistics de WordPress versiones anteriores a 13.0.8, usaba la funci\u00f3n esc_sql() de WordPress en un campo no delimitado por comillas y no preparaba primero la consulta. Adem\u00e1s, la p\u00e1gina, que deber\u00eda haber sido accesible s\u00f3lo para el administrador, tambi\u00e9n estaba disponible para cualquier visitante, incluyendo los no autenticados"}], "lastModified": "2021-06-14T17:47:59.613", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:veronalabs:wp_statistics:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "ABAD85B0-D348-464C-959F-E3B678C871A6", "versionEndExcluding": "13.0.8"}], "operator": "OR"}]}], "sourceIdentifier": "contact@wpscan.com"}