CVE-2021-24586

{"id": "CVE-2021-24586", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2021-09-13T18:15:16.517", "references": [{"url": "https://wpscan.com/vulnerability/e9885fba-0e73-41a0-9e1d-47badc09be85", "tags": ["Exploit", "Third Party Advisory"], "source": "contact@wpscan.com"}, {"url": "https://wpscan.com/vulnerability/e9885fba-0e73-41a0-9e1d-47badc09be85", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "contact@wpscan.com", "description": [{"lang": "en", "value": "CWE-79"}, {"lang": "en", "value": "CWE-352"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}, {"lang": "en", "value": "CWE-352"}]}], "descriptions": [{"lang": "en", "value": "The Per page add to head WordPress plugin before 1.4.4 is lacking any CSRF check when saving its settings, which could allow attackers to make a logged in admin change them. Furthermore, as the plugin allows arbitrary HTML to be inserted in one of the setting (feature mentioned by the plugin), this could lead to Stored XSS issue which will be triggered either in the backend, frontend or both depending on the payload used."}, {"lang": "es", "value": "El plugin de WordPress Per page add to head versiones anteriores a 1.4.4, carece de cualquier tipo de comprobaci\u00f3n de tipo CSRF cuando guarda su configuraci\u00f3n, que podr\u00eda permitir a atacantes hacer que un administrador registrado la cambie. Adem\u00e1s, como el plugin permite insertar HTML arbitrario en una de las configuraciones (caracter\u00edstica mencionada por el plugin), esto podr\u00eda conllevar a un problema de tipo XSS Almacenado que ser\u00eda desencadenado en el backend, en el frontend o en ambos, dependiendo del payload usado"}], "lastModified": "2024-11-21T05:53:21.567", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:evona:per_page_add_to_head:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "6FD4DB5E-1FC4-449B-A571-D3A1BF20D4BB", "versionEndExcluding": "1.4.4"}], "operator": "OR"}]}], "sourceIdentifier": "contact@wpscan.com"}