CVE-2021-24626

Опубликовано: 08 нояб. 2021

Источник: nvd

CVSS3: 8.8

CVSS2: 6.5

EPSS Низкий

Описание

The Chameleon CSS WordPress plugin through 1.2 does not have any CSRF and capability checks in all its AJAX calls, allowing any authenticated user, such as subscriber to call them and perform unauthorised actions. One of AJAX call, remove_css, also does not sanitise or escape the css_id POST parameter before using it in a SQL statement, leading to a SQL Injection

Ссылки

https://codevigilant.com/disclosure/2021/wp-plugin-chameleon-css/
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/06cb6c14-99b8-45b6-be2e-f4dcca8a4165
Exploit
Third Party Advisory
https://codevigilant.com/disclosure/2021/wp-plugin-chameleon-css/
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/06cb6c14-99b8-45b6-be2e-f4dcca8a4165
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:chameleon_css_project:chameleon_css:*:*:*:*:*:wordpress:*:*

Версия до 1.2 (включая)

EPSS

Процентиль: 41%

0.00194

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-55v2-rhxp-258p