CVE-2022-4004

The Donation Button WordPress plugin through 4.0.0 does not properly check for privileges and nonce tokens in its "donation_button_twilio_send_test_sms" AJAX action, which may allow any users with an account on the affected site, like subscribers, to use the plugin's Twilio integration to send SMSes to arbitrary phone numbers.

CVSS v3 4.3 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://wpscan.com/vulnerability/6a3bcfb3-3ede-459d-969f-b7b30dafd098	Exploit Third Party Advisory
https://wpscan.com/vulnerability/6a3bcfb3-3ede-459d-969f-b7b30dafd098	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:donation_button_project:donation_button:*:*:*:*:*:wordpress:*:*

History

21 Nov 2024, 07:34

Type	Values Removed	Values Added
References	~~() https://wpscan.com/vulnerability/6a3bcfb3-3ede-459d-969f-b7b30dafd098 - Exploit, Third Party Advisory~~	() https://wpscan.com/vulnerability/6a3bcfb3-3ede-459d-969f-b7b30dafd098 - Exploit, Third Party Advisory

15 Dec 2022, 15:14

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-12-12 18:15

Updated : 2025-04-22 15:16

NVD link : CVE-2022-4004

Mitre link : CVE-2022-4004

CVE.ORG link : CVE-2022-4004

JSON object : View

Products Affected

donation_button_project

donation_button

CWE

No CWE.

{"id": "CVE-2022-4004", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2022-12-12T18:15:12.957", "references": [{"url": "https://wpscan.com/vulnerability/6a3bcfb3-3ede-459d-969f-b7b30dafd098", "tags": ["Exploit", "Third Party Advisory"], "source": "contact@wpscan.com"}, {"url": "https://wpscan.com/vulnerability/6a3bcfb3-3ede-459d-969f-b7b30dafd098", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "descriptions": [{"lang": "en", "value": "The Donation Button WordPress plugin through 4.0.0 does not properly check for privileges and nonce tokens in its \"donation_button_twilio_send_test_sms\" AJAX action, which may allow any users with an account on the affected site, like subscribers, to use the plugin's Twilio integration to send SMSes to arbitrary phone numbers."}, {"lang": "es", "value": "El complemento Donation Button WordPress hasta la versi\u00f3n 4.0.0 no verifica adecuadamente los privilegios y tokens nonce en su acci\u00f3n AJAX \"donation_button_twilio_send_test_sms\", lo que puede permitir que cualquier usuario con una cuenta en el sitio afectado, como suscriptores, use la integraci\u00f3n Twilio del complemento para enviar SMS a n\u00fameros de tel\u00e9fono arbitrarios."}], "lastModified": "2025-04-22T15:16:08.287", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:donation_button_project:donation_button:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "4CFBBC2D-0A2B-4B13-AB2A-C6A1B5893337", "versionEndIncluding": "4.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "contact@wpscan.com"}