exploitDog

CVE-2021-24384

Опубликовано: 06 июл. 2021

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

The joomsport_md_load AJAX action of the JoomSport WordPress plugin before 5.1.8, registered for both unauthenticated and unauthenticated users, unserialised user input from the shattr POST parameter, leading to a PHP Object Injection issue. Even though the plugin does not have a suitable gadget chain to exploit this, other installed plugins could, which might lead to more severe issues such as RCE

Ссылки

https://wpscan.com/vulnerability/fb6c407c-713c-4e83-92ce-4e5f791be696
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/fb6c407c-713c-4e83-92ce-4e5f791be696
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:beardev:joomsport:*:*:*:*:*:wordpress:*:*

Версия до 5.1.8 (исключая)

EPSS

Процентиль: 89%

0.04455

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-502

Связанные уязвимости

GHSA-2mh8-69x2-q9m6

github

больше 3 лет назад

The joomsport_md_load AJAX action of the JoomSport WordPress plugin before 5.1.8, registered for both unauthenticated and unauthenticated users, unserialised user input from the shattr POST parameter, leading to a PHP Object Injection issue. Even though the plugin does not have a suitable gadget chain to exploit this, other installed plugins could, which might lead to more severe issues such as RCE

EPSS

Процентиль: 89%

0.04455

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-502