CVE-2021-24281 - OpenCVE

In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such as a subscriber, could use the delete_action_post AJAX action to delete any post on a target site.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:S/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Querysol	Redirection For Contact Form 7

Configuration 1 [-]

cpe:2.3:a:querysol:redirection_for_contact_form_7:*:*:*:*:*:wordpress:*:*

References

Link	Resource
https://wpscan.com/vulnerability/daf12b85-f5ad-4261-ab39-be6840ad3cdc	Exploit Vendor Advisory
https://www.wordfence.com/blog/2021/04/severe-vulnerabilities-patched-in-redirection-for-contact-form-7-plugin/	Exploit Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: WPScan

Published: 2021-05-14T11:38:17

Updated: 2021-05-14T11:38:17

Reserved: 2021-01-14T00:00:00

Link: CVE-2021-24281

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-05-14T12:15:08.293

Modified: 2021-05-17T19:15:01.487

Link: CVE-2021-24281

JSON object: View

Redhat Information

No data.

CWE

CWE-863

{"containers": {"cna": {"affected": [{"product": "Redirection for Contact Form 7", "vendor": "Query Solutions", "versions": [{"lessThan": "2.3.4", "status": "affected", "version": "2.3.4", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Chloe Chamberland"}], "descriptions": [{"lang": "en", "value": "In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such as a subscriber, could use the delete_action_post AJAX action to delete any post on a target site."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-863", "description": "CWE-863 Incorrect Authorization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-05-14T11:38:17", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.wordfence.com/blog/2021/04/severe-vulnerabilities-patched-in-redirection-for-contact-form-7-plugin/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://wpscan.com/vulnerability/daf12b85-f5ad-4261-ab39-be6840ad3cdc"}], "source": {"discovery": "UNKNOWN"}, "title": "Redirection for Contact Form 7 < 2.3.4 - Authenticated Arbitrary Post Deletion", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "contact@wpscan.com", "ID": "CVE-2021-24281", "STATE": "PUBLIC", "TITLE": "Redirection for Contact Form 7 < 2.3.4 - Authenticated Arbitrary Post Deletion"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Redirection for Contact Form 7", "version": {"version_data": [{"version_affected": "<", "version_name": "2.3.4", "version_value": "2.3.4"}]}}]}, "vendor_name": "Query Solutions"}]}}, "credit": [{"lang": "eng", "value": "Chloe Chamberland"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such as a subscriber, could use the delete_action_post AJAX action to delete any post on a target site."}]}, "generator": "WPScan CVE Generator", "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-863 Incorrect Authorization"}]}]}, "references": {"reference_data": [{"name": "https://www.wordfence.com/blog/2021/04/severe-vulnerabilities-patched-in-redirection-for-contact-form-7-plugin/", "refsource": "MISC", "url": "https://www.wordfence.com/blog/2021/04/severe-vulnerabilities-patched-in-redirection-for-contact-form-7-plugin/"}, {"name": "https://wpscan.com/vulnerability/daf12b85-f5ad-4261-ab39-be6840ad3cdc", "refsource": "CONFIRM", "url": "https://wpscan.com/vulnerability/daf12b85-f5ad-4261-ab39-be6840ad3cdc"}]}, "source": {"discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2021-24281", "datePublished": "2021-05-14T11:38:17", "dateReserved": "2021-01-14T00:00:00", "dateUpdated": "2021-05-14T11:38:17", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:querysol:redirection_for_contact_form_7:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "F3E1A627-7160-4591-944C-5AEA2D9B3C58", "versionEndExcluding": "2.3.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such as a subscriber, could use the delete_action_post AJAX action to delete any post on a target site."}, {"lang": "es", "value": "En el plugin de WordPress Redirection for Contact Form versiones 7 anteriores a 2.3.4, cualquier usuario autenticado, como un suscriptor, pod\u00eda usar la acci\u00f3n delete_action_post AJAX para eliminar cualquier publicaci\u00f3n en un sitio de destino"}], "id": "CVE-2021-24281", "lastModified": "2021-05-17T19:15:01.487", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-05-14T12:15:08.293", "references": [{"source": "contact@wpscan.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://wpscan.com/vulnerability/daf12b85-f5ad-4261-ab39-be6840ad3cdc"}, {"source": "contact@wpscan.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://www.wordfence.com/blog/2021/04/severe-vulnerabilities-patched-in-redirection-for-contact-form-7-plugin/"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "contact@wpscan.com", "type": "Primary"}]}