From 65497ce696d5d67c13bb6d79ad21bf35417a758c Mon Sep 17 00:00:00 2001 From: Noam Rathaus Date: Mon, 30 Aug 2021 12:47:31 +0300 Subject: [PATCH 1/5] Description and reference --- cves/2019/CVE-2019-15889.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cves/2019/CVE-2019-15889.yaml b/cves/2019/CVE-2019-15889.yaml index 0f46219cb3..c3835a62a8 100644 --- a/cves/2019/CVE-2019-15889.yaml +++ b/cves/2019/CVE-2019-15889.yaml @@ -4,7 +4,10 @@ info: name: WordPress Plugin Download Manager 2.9.93 - Reflected Cross-Site Scripting (XSS) author: daffainfo severity: medium - reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15889 + description: The download-manager plugin before 2.9.94 for WordPress has XSS via the category shortcode feature, as demonstrated by the orderby or search[publish_date] parameter. + reference: + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15889 + - https://www.cybersecurity-help.cz/vdb/SB2019041819 tags: cve,cve2019,wordpress,xss,wp-plugin requests: From 51eb639de828ff4cc04725498db5ddc038b135c5 Mon Sep 17 00:00:00 2001 From: Noam Rathaus Date: Mon, 30 Aug 2021 12:49:23 +0300 Subject: [PATCH 2/5] Updated --- cves/2020/CVE-2020-29395.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/cves/2020/CVE-2020-29395.yaml b/cves/2020/CVE-2020-29395.yaml index 9b1e964acb..1072df2e03 100644 --- a/cves/2020/CVE-2020-29395.yaml +++ b/cves/2020/CVE-2020-29395.yaml @@ -4,6 +4,7 @@ info: name: Wordpress Plugin EventON Calendar 3.0.5 - Reflected Cross-Site Scripting (XSS) author: daffainfo severity: medium + description: The EventON plugin through 3.0.5 for WordPress allows addons/?q= XSS via the search field. reference: - https://github.com/mustgundogdu/Research/tree/main/EventON_PLUGIN_XSS - https://nvd.nist.gov/vuln/detail/CVE-2020-29395 From 5b344c944c8f4b52014848b3a11369a60288cf7d Mon Sep 17 00:00:00 2001 
From: Noam Rathaus Date: Mon, 30 Aug 2021 12:50:56 +0300 Subject: [PATCH 3/5] Updated --- cves/2018/CVE-2018-16299.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/cves/2018/CVE-2018-16299.yaml b/cves/2018/CVE-2018-16299.yaml index f14b9a2c99..fc05d97e9b 100644 --- a/cves/2018/CVE-2018-16299.yaml +++ b/cves/2018/CVE-2018-16299.yaml @@ -4,6 +4,7 @@ info: name: WordPress Plugin Localize My Post 1.0 - LFI author: 0x_Akoko,0x240x23elu severity: high + description: The Localize My Post plugin 1.0 for WordPress allows Directory Traversal via the ajax/include.php file parameter. reference: https://www.exploit-db.com/exploits/45439 tags: wordpress,cve2018,cve,lfi From 0e9ce643dbbcd43e459abaff2559775d5cc30464 Mon Sep 17 00:00:00 2001 From: Noam Rathaus Date: Mon, 30 Aug 2021 12:51:47 +0300 Subject: [PATCH 4/5] Updated --- cves/2021/CVE-2021-24495.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/cves/2021/CVE-2021-24495.yaml b/cves/2021/CVE-2021-24495.yaml index 1c13d872ec..4a5b9a1610 100644 --- a/cves/2021/CVE-2021-24495.yaml +++ b/cves/2021/CVE-2021-24495.yaml @@ -5,6 +5,7 @@ info: author: johnjhacking severity: medium tags: cve,cve2021,wp-plugin,wordpress,xss + description: The Marmoset Viewer WordPress plugin before 1.9.3 does not property sanitize, validate or escape the 'id' parameter before outputting back in the page, leading to a reflected Cross-Site Scripting issue. reference: - https://johnjhacking.com/blog/cve-2021-24495-improper-neutralization-of-input-during-web-page-generation-on-id-parameter-in-wordpress-marmoset-viewer-plugin-versions-1.9.3-leads-to-reflected-cross-site-scripting/ - https://wordpress.org/plugins/marmoset-viewer/#developers From be7aca060cf0ddfd30a5db9c2c606b149f658204 Mon Sep 17 00:00:00 2001 From: sandeep Date: Mon, 30 Aug 2021 23:52:12 +0530 Subject: [PATCH 5/5] Update CVE-2019-15889.yaml --- cves/2019/CVE-2019-15889.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/cves/2019/CVE-2019-15889.yaml b/cves/2019/CVE-2019-15889.yaml index c3835a62a8..6ccc20b699 100644 --- a/cves/2019/CVE-2019-15889.yaml +++ b/cves/2019/CVE-2019-15889.yaml @@ -5,7 +5,7 @@ info: author: daffainfo severity: medium description: The download-manager plugin before 2.9.94 for WordPress has XSS via the category shortcode feature, as demonstrated by the orderby or search[publish_date] parameter. - reference: + reference: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15889 - https://www.cybersecurity-help.cz/vdb/SB2019041819 tags: cve,cve2019,wordpress,xss,wp-plugin
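Review bot: In PATCH 1/5 the new `reference:` line in cves/2019/CVE-2019-15889.yaml carries trailing whitespace, which is why PATCH 5/5 in this same series has to replace it with a visually identical line (`- reference: ` / `+ reference:`). Strip the whitespace in PATCH 1/5 itself and drop PATCH 5/5 so the series does not introduce and then remove the same defect; the description and the second reference (cybersecurity-help.cz) otherwise read correctly.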
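Review bot: In PATCH 2/5 the added description for cves/2020/CVE-2020-29395.yaml spells the product "WordPress" while the unchanged `name` line directly above it still reads "Wordpress Plugin EventON Calendar 3.0.5"; since this hunk is already touching the `info` block, normalising `name` to "WordPress" here would keep the template self-consistent and match the spelling used in the other four templates in this series.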
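Review bot: In PATCH 3/5 the `reference:` field of cves/2018/CVE-2018-16299.yaml stays a bare scalar (`reference: https://www.exploit-db.com/exploits/45439`) whereas PATCH 1/5 converts the same field to a YAML list in CVE-2019-15889.yaml; for consistency across the series, and so that further references can be appended without another structural change, use the list form here too: `reference:` followed by `  - https://www.exploit-db.com/exploits/45439`. The description wording ("Directory Traversal via the ajax/include.php file parameter") matches the `lfi` tag and the template name.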
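Review bot: In PATCH 4/5 the added description for cves/2021/CVE-2021-24495.yaml contains a typo, "does not property sanitize", which should read "does not properly sanitize"; the same hunk also places `description:` after `tags:` and before `reference:`, while the other three templates in this series put `description:` directly after `severity:` and before `reference:`, so move the line up to `severity:` for a uniform `info` block layout.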
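Review bot: PATCH 5/5 only removes trailing whitespace from the `reference:` line that PATCH 1/5 added to cves/2019/CVE-2019-15889.yaml; a whitespace-only follow-up commit is noise in the history, so squash it into PATCH 1/5 (or fix PATCH 1/5 directly) and consider running a YAML linter over the series before submission so the remaining templates do not carry the same problem.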