The Sitemap by click5 WordPress plugin before 1.0.36 does not have authorisation and CSRF checks when updating options via a REST endpoint, and does not ensure that the option to be updated belongs to the plugin. As a result, unauthenticated attackers could change arbitrary blog options, such as the users_can_register and default_role, allowing them to create a new admin account and take over the blog.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/0f694961-afab-44f9-846c-e80a0f6c768b | Exploit Third Party Advisory |
https://wpscan.com/vulnerability/0f694961-afab-44f9-846c-e80a0f6c768b | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 06:39
Type | Values Removed | Values Added |
---|---|---|
References | () https://wpscan.com/vulnerability/0f694961-afab-44f9-846c-e80a0f6c768b - Exploit, Third Party Advisory |
07 Nov 2023, 03:41
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-352 |
27 Jun 2023, 16:21
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-352 |
Information
Published : 2022-05-02 16:15
Updated : 2024-11-21 06:39
NVD link : CVE-2022-0952
Mitre link : CVE-2022-0952
CVE.ORG link : CVE-2022-0952
JSON object : View
Products Affected
sitemap_project
- sitemap