CVE-2021-24306

Опубликовано: 24 мая 2021

Источник: nvd

CVSS3: 5.4

CVSS2: 3.5

EPSS Низкий

Описание

The Ultimate Member – User Profile, User Registration, Login & Membership Plugin WordPress plugin before 2.1.20 did not properly sanitise, validate or encode the query string when generating a link to edit user's own profile, leading to an authenticated reflected Cross-Site Scripting issue. Knowledge of the targeted username is required to exploit this, and attackers would then need to make the related logged in user open a malicious link.

Ссылки

https://wpscan.com/vulnerability/35516555-c50c-486a-886c-df49c9e51e2c
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/35516555-c50c-486a-886c-df49c9e51e2c
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ultimatemember:ultimate_member:*:*:*:*:*:wordpress:*:*

Версия до 2.1.20 (исключая)

EPSS

Процентиль: 58%

0.00363

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-8cvw-43cv-8xmh

github

больше 3 лет назад

The Ultimate Member â€“ User Profile, User Registration, Login & Membership Plugin WordPress plugin before 2.1.20 did not properly sanitise, validate or encode the query string when generating a link to edit user's own profile, leading to an authenticated reflected Cross-Site Scripting issue. Knowledge of the targeted username is required to exploit this, and attackers would then need to make the related logged in user open a malicious link.