CVE-2022-0316

The WeStand WordPress theme before 2.1, footysquare WordPress theme, aidreform WordPress theme, statfort WordPress theme, club-theme WordPress theme, kingclub-theme WordPress theme, spikes WordPress theme, spikes-black WordPress theme, soundblast WordPress theme, bolster WordPress theme from ChimpStudio and PixFill does not have any authorisation and upload validation in the lang_upload.php file, allowing any unauthenticated attacker to upload arbitrary files to the web server.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://wpscan.com/vulnerability/9ab3d6cf-aad7-41bc-9aae-dc5313f12f7c	Exploit Third Party Advisory
https://wpscan.com/vulnerability/9ab3d6cf-aad7-41bc-9aae-dc5313f12f7c	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:aidreform_project:aidreform:-:::::wordpress::
	cpe:2.3:a:chimpgroup:bolster:-:::::wordpress::
	cpe:2.3:a:chimpgroup:spikes:-:::::wordpress::
	cpe:2.3:a:chimpgroup:westand::::::wordpress::*
	cpe:2.3:a:club-theme_project:club-theme:-:::::wordpress::
	cpe:2.3:a:footysquare_project:footysquare:-:::::wordpress::
	cpe:2.3:a:pixfill:kings_club:-:::::wordpress::
	cpe:2.3:a:soundblast_project:soundblast:-:::::wordpress::
	cpe:2.3:a:spikes-black_project:spikes-black:-:::::wordpress::
	cpe:2.3:a:statfort_project:statfort:-:::::wordpress::

History

21 Nov 2024, 06:38

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-01-23 15:15

Updated : 2024-11-21 06:38

NVD link : CVE-2022-0316

Mitre link : CVE-2022-0316

CVE.ORG link : CVE-2022-0316

JSON object : View

Products Affected

chimpgroup

bolster
westand
spikes

pixfill

kings_club

footysquare_project

footysquare

statfort_project

statfort

club-theme_project

club-theme

spikes-black_project

spikes-black

aidreform_project

aidreform

soundblast_project

soundblast

CWE

No CWE.

{"id": "CVE-2022-0316", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2023-01-23T15:15:13.703", "references": [{"url": "https://wpscan.com/vulnerability/9ab3d6cf-aad7-41bc-9aae-dc5313f12f7c", "tags": ["Exploit", "Third Party Advisory"], "source": "contact@wpscan.com"}, {"url": "https://wpscan.com/vulnerability/9ab3d6cf-aad7-41bc-9aae-dc5313f12f7c", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "descriptions": [{"lang": "en", "value": "The WeStand WordPress theme before 2.1, footysquare WordPress theme, aidreform WordPress theme, statfort WordPress theme, club-theme WordPress theme, kingclub-theme WordPress theme, spikes WordPress theme, spikes-black WordPress theme, soundblast WordPress theme, bolster WordPress theme from ChimpStudio and PixFill does not have any authorisation and upload validation in the lang_upload.php file, allowing any unauthenticated attacker to upload arbitrary files to the web server."}, {"lang": "es", "value": "El tema WeStand de WordPress anterior a 2.1, el tema de WordPress footysquare, el tema de WordPress Aidreform, el tema de WordPress statfort, el tema de WordPress con tema club, el tema de WordPress con tema kingclub, el tema de WordPress Spikes, el tema de WordPress Spikes-Black, el tema de WordPress Soundblast, el tema de WordPress de refuerzo de ChimpStudio y PixFill no tiene ninguna autorizaci\u00f3n ni validaci\u00f3n de carga en el archivo lang_upload.php, lo que permite que cualquier atacante no autenticado cargue archivos arbitrarios al servidor web."}], "lastModified": "2024-11-21T06:38:21.753", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:aidreform_project:aidreform:-:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "349B3C5A-3C95-4C80-9C09-DCFE002CB048"}, {"criteria": "cpe:2.3:a:chimpgroup:bolster:-:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "CD32D146-AE32-4F24-BB13-034D0BCEE102"}, {"criteria": "cpe:2.3:a:chimpgroup:spikes:-:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "692D91D4-FE19-4C7B-A0C2-8ADFF4EF3DA0"}, {"criteria": "cpe:2.3:a:chimpgroup:westand:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "82C6F1C1-034D-41D4-B1B0-E97E860F60BE", "versionEndExcluding": "2.1"}, {"criteria": "cpe:2.3:a:club-theme_project:club-theme:-:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "62CF701B-A5BF-4A80-A1DA-D7BD3DCC62B3"}, {"criteria": "cpe:2.3:a:footysquare_project:footysquare:-:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "E8492E39-28B9-4291-86A9-CA7C883EA483"}, {"criteria": "cpe:2.3:a:pixfill:kings_club:-:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "241E870E-DBF9-442A-A2E8-335375EB3995"}, {"criteria": "cpe:2.3:a:soundblast_project:soundblast:-:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "8E8B3706-CC83-422D-8F3E-35E454B25C9B"}, {"criteria": "cpe:2.3:a:spikes-black_project:spikes-black:-:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "F95938E5-CC29-453F-8C22-0AF971A7CE76"}, {"criteria": "cpe:2.3:a:statfort_project:statfort:-:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "B9E2332D-410F-4765-8C6E-6A0FB07795CE"}], "operator": "OR"}]}], "sourceIdentifier": "contact@wpscan.com"}