CVE-2021-24410 - OpenCVE

The తెలుగు బైబిల్ వచనములు WordPress plugin through 1.0 is lacking any CSRF check when saving its settings and verses, and do not sanitise or escape them when outputting them back in the page. This could allow attackers to make a logged in admin change the settings, as well as add malicious verses containing JavaScript code in them, leading to Stored XSS issues

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Telugu Bible Verse Daily Project	Telugu Bible Verse Daily

Configuration 1 [-]

cpe:2.3:a:telugu_bible_verse_daily_project:telugu_bible_verse_daily:*:*:*:*:*:wordpress:*:*

References

Link	Resource
https://wpscan.com/vulnerability/b47ea36e-f37c-4745-b750-31f5b91f543f	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: WPScan

Published: 2021-08-16T10:48:19

Updated: 2021-08-16T10:48:19

Reserved: 2021-01-14T00:00:00

Link: CVE-2021-24410

JSON object: View

NVD Information

Status : Modified

Published: 2021-08-16T11:15:08.147

Modified: 2023-11-07T03:31:12.023

Link: CVE-2021-24410

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "\u0c24\u0c46\u0c32\u0c41\u0c17\u0c41 \u0c2c\u0c48\u0c2c\u0c3f\u0c32\u0c4d \u0c35\u0c1a\u0c28\u0c2e\u0c41\u0c32\u0c41", "vendor": "Unknown", "versions": [{"lessThanOrEqual": "1.0", "status": "affected", "version": "1.0", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Ashish Upsham"}], "descriptions": [{"lang": "en", "value": "The \u0c24\u0c46\u0c32\u0c41\u0c17\u0c41 \u0c2c\u0c48\u0c2c\u0c3f\u0c32\u0c4d \u0c35\u0c1a\u0c28\u0c2e\u0c41\u0c32\u0c41 WordPress plugin through 1.0 is lacking any CSRF check when saving its settings and verses, and do not sanitise or escape them when outputting them back in the page. This could allow attackers to make a logged in admin change the settings, as well as add malicious verses containing JavaScript code in them, leading to Stored XSS issues"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 Cross-site Scripting (XSS)", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-08-16T10:48:19", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://wpscan.com/vulnerability/b47ea36e-f37c-4745-b750-31f5b91f543f"}], "source": {"discovery": "UNKNOWN"}, "title": "Telugu Bible Verse Daily <= 1.0 - CSRF to Stored XSS", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "contact@wpscan.com", "ID": "CVE-2021-24410", "STATE": "PUBLIC", "TITLE": "Telugu Bible Verse Daily <= 1.0 - CSRF to Stored XSS"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "\u0c24\u0c46\u0c32\u0c41\u0c17\u0c41 \u0c2c\u0c48\u0c2c\u0c3f\u0c32\u0c4d \u0c35\u0c1a\u0c28\u0c2e\u0c41\u0c32\u0c41", "version": {"version_data": [{"version_affected": "<=", "version_name": "1.0", "version_value": "1.0"}]}}]}, "vendor_name": "Unknown"}]}}, "credit": [{"lang": "eng", "value": "Ashish Upsham"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The \u0c24\u0c46\u0c32\u0c41\u0c17\u0c41 \u0c2c\u0c48\u0c2c\u0c3f\u0c32\u0c4d \u0c35\u0c1a\u0c28\u0c2e\u0c41\u0c32\u0c41 WordPress plugin through 1.0 is lacking any CSRF check when saving its settings and verses, and do not sanitise or escape them when outputting them back in the page. This could allow attackers to make a logged in admin change the settings, as well as add malicious verses containing JavaScript code in them, leading to Stored XSS issues"}]}, "generator": "WPScan CVE Generator", "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-79 Cross-site Scripting (XSS)"}]}, {"description": [{"lang": "eng", "value": "CWE-352 Cross-Site Request Forgery (CSRF)"}]}]}, "references": {"reference_data": [{"name": "https://wpscan.com/vulnerability/b47ea36e-f37c-4745-b750-31f5b91f543f", "refsource": "MISC", "url": "https://wpscan.com/vulnerability/b47ea36e-f37c-4745-b750-31f5b91f543f"}]}, "source": {"discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2021-24410", "datePublished": "2021-08-16T10:48:19", "dateReserved": "2021-01-14T00:00:00", "dateUpdated": "2021-08-16T10:48:19", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:telugu_bible_verse_daily_project:telugu_bible_verse_daily:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "7A5956F3-1D85-4F3E-9A9B-70393402E69A", "versionEndIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The \u0c24\u0c46\u0c32\u0c41\u0c17\u0c41 \u0c2c\u0c48\u0c2c\u0c3f\u0c32\u0c4d \u0c35\u0c1a\u0c28\u0c2e\u0c41\u0c32\u0c41 WordPress plugin through 1.0 is lacking any CSRF check when saving its settings and verses, and do not sanitise or escape them when outputting them back in the page. This could allow attackers to make a logged in admin change the settings, as well as add malicious verses containing JavaScript code in them, leading to Stored XSS issues"}, {"lang": "es", "value": "El \u00e0\u00b0\u00a4\u00e0\u00b1\u2020\u00e0\u00b0\u00b2\u00e0\u00b1?\u00e0\u00b0-\u00e0\u00b1? \u00e0\u00b0\u00ac\u00e0\u00b1\u02c6\u00e0\u00b0\u00ac\u00e0\u00b0\u00bf\u00e0\u00b0\u00b2\u00e0\u00b1? \u00e0\u00b0\u00b5\u00e0\u00b0\u0161\u00e0\u00b0\u00a8\u00e0\u00b0\u00ae\u00e0\u00b1?\u00e0\u00b0\u00b2\u00e0\u00b1? El plugin de WordPress a trav\u00e9s de la versi\u00f3n 1.0 carece de cualquier comprobaci\u00f3n de CSRF al guardar sus configuraciones y versos, y no los sanea o escapa al devolverlos a la p\u00e1gina. Esto podr\u00eda permitir a los atacantes hacer que un administrador conectado cambie la configuraci\u00f3n, as\u00ed como a\u00f1adir versos maliciosos que contengan c\u00f3digo JavaScript en ellos, llevando a problemas de XSS almacenado"}], "id": "CVE-2021-24410", "lastModified": "2023-11-07T03:31:12.023", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-08-16T11:15:08.147", "references": [{"source": "contact@wpscan.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/b47ea36e-f37c-4745-b750-31f5b91f543f"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-352"}, {"lang": "en", "value": "CWE-79"}], "source": "contact@wpscan.com", "type": "Secondary"}]}