Enhancement: cves/2018/CVE-2018-7422.yaml by mp

2022-06-17 12:27:54 -04:00 · 2022-06-17 12:27:54 -04:00 · f3876b41e4
parent 90d3d8c1b8
commit f3876b41e4
1 changed files with 6 additions and 4 deletions
--- a/cves/2018/CVE-2018-7422.yaml
+++ b/cves/2018/CVE-2018-7422.yaml
@ -1,15 +1,15 @@
 id: CVE-2018-7422

 info:
-  name: WordPress Site Editor Plugin LFI
+  name: WordPress Site Editor <=1.1.1 - Local File Inclusion
  author: LuskaBol,0x240x23elu
  severity: high
-  description: A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php.
+  description: WordPress Site Editor through 1.1.1 allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php.
  reference:
    - https://www.exploit-db.com/exploits/44340
    - http://seclists.org/fulldisclosure/2018/Mar/40
    - https://wpvulndb.com/vulnerabilities/9044
-    - https://www.exploit-db.com/exploits/44340/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-7422
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
@ -35,4 +35,6 @@ requests:
      - type: regex
        regex:
          - "root:.*:0:0:"
-        part: body
+        part: body
+
+# Enhanced by mp on 2022/06/17