CVE-2022-1763

Due to missing checks the Static Page eXtended WordPress plugin through 2.1 is vulnerable to CSRF attacks which allows changing the plugin settings, including required user levels for specific features. This could also lead to Stored Cross-Site Scripting due to the lack of escaping in some of the settings

CVSS v3 5.4 MEDIUM
CVSS v2.0 3.5 LOW

5.4^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.3 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

3.5^/10

CVSS v2.0 : LOW

Vector : AV:N/AC:M/Au:S/C:N/I:P/A:N

Exploitability : 6.8 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://wpscan.com/vulnerability/bd3aff73-078a-4e5a-b9e3-1604851c6df8	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:static_page_extended_project:static_page_extended:*:*:*:*:*:wordpress:*:*

History

No history.

Information

Published : 2022-06-13 13:15

Updated : 2024-02-28 19:09

NVD link : CVE-2022-1763

Mitre link : CVE-2022-1763

CVE.ORG link : CVE-2022-1763

JSON object : View

Products Affected

static_page_extended_project

static_page_extended

CWE

CWE-352

Cross-Site Request Forgery (CSRF)

{"id": "CVE-2022-1763", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.3}]}, "published": "2022-06-13T13:15:12.267", "references": [{"url": "https://wpscan.com/vulnerability/bd3aff73-078a-4e5a-b9e3-1604851c6df8", "tags": ["Exploit", "Third Party Advisory"], "source": "contact@wpscan.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-352"}]}, {"type": "Secondary", "source": "contact@wpscan.com", "description": [{"lang": "en", "value": "CWE-352"}]}], "descriptions": [{"lang": "en", "value": "Due to missing checks the Static Page eXtended WordPress plugin through 2.1 is vulnerable to CSRF attacks which allows changing the plugin settings, including required user levels for specific features. This could also lead to Stored Cross-Site Scripting due to the lack of escaping in some of the settings"}, {"lang": "es", "value": "Debido a una falta de comprobaciones, el plugin Static Page eXtended de WordPress versiones hasta 2.1, es vulnerable a ataques de tipo CSRF que permiten cambiar la configuraci\u00f3n del plugin, incluyendo los niveles de usuario requeridos para funciones espec\u00edficas. Esto tambi\u00e9n podr\u00eda conllevar a un ataque de tipo Cross-Site Scripting Almacenado debido a una falta de escape en algunos de los ajustes"}], "lastModified": "2022-06-21T18:26:35.660", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:static_page_extended_project:static_page_extended:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "3CE5E4FD-60C4-4243-8217-0DF166A68C2D", "versionEndIncluding": "2.1"}], "operator": "OR"}]}], "sourceIdentifier": "contact@wpscan.com"}