CVE-2019-11869

{"id": "CVE-2019-11869", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2019-05-09T23:29:00.247", "references": [{"url": "https://wpvulndb.com/vulnerabilities/9254", "source": "cve@mitre.org"}, {"url": "https://www.pluginvulnerabilities.com/2019/03/30/wordpress-plugin-team-paints-target-on-exploitable-settings-change-vulnerability-that-permits-persistent-xss-in-related-posts/", "source": "cve@mitre.org"}, {"url": "https://www.wordfence.com/blog/2019/04/yuzo-related-posts-zero-day-vulnerability-exploited-in-the-wild/", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "The Yuzo Related Posts plugin 5.12.94 for WordPress has XSS because it mistakenly expects that is_admin() verifies that the request comes from an admin user (it actually only verifies that the request is for an admin page). An unauthenticated attacker can inject a payload into the plugin settings, such as the yuzo_related_post_css_and_style setting."}, {"lang": "es", "value": "El plugin Yuzo Related Posts, en la versi\u00f3n 5.12.94 para WordPress, es vulnerable a un ataque XSS porque err\u00f3neamente espera que is_admin() verifique que la petici\u00f3n proviene de un usuario admin (en realidad s\u00f3lo verifica que la petici\u00f3n es para una p\u00e1gina admin). Un atacante no autenticado puede inyectar un payload en la configuraci\u00f3n del plugin, como la configuraci\u00f3n yuzo_related_post_css_and_style"}], "lastModified": "2019-05-13T18:29:05.077", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:yuzopro:yuzo:5.12.94:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "09AAC17B-12C3-465F-8C6A-7BA23E61393E"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}