CVE-2021-24501 - OpenCVE

The Workreap WordPress theme before 2.2.2 had several AJAX actions missing authorization checks to verify that a user was authorized to perform critical operations such as modifying or deleting objects. This allowed a logged in user to modify or delete objects belonging to other users on the site.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:N/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Amentotech	Workreap

Configuration 1 [-]

cpe:2.3:a:amentotech:workreap:*:*:*:*:*:wordpress:*:*

References

Link	Resource
https://jetpack.com/2021/07/07/multiple-vulnerabilities-in-workreap-theme/	Exploit Third Party Advisory
https://wpscan.com/vulnerability/66e4aaf4-5ef7-4da8-a45c-e24f449c363e	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: WPScan

Published: 2021-08-09T10:04:09

Updated: 2021-08-09T10:04:09

Reserved: 2021-01-14T00:00:00

Link: CVE-2021-24501

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-08-09T10:15:07.553

Modified: 2021-08-17T21:07:46.687

Link: CVE-2021-24501

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Workreap", "vendor": "Unknown", "versions": [{"lessThan": "2.2.2", "status": "affected", "version": "2.2.2", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Harald Eilertsen (Jetpack)"}], "descriptions": [{"lang": "en", "value": "The Workreap WordPress theme before 2.2.2 had several AJAX actions missing authorization checks to verify that a user was authorized to perform critical operations such as modifying or deleting objects. This allowed a logged in user to modify or delete objects belonging to other users on the site."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-283", "description": "CWE-283 Unverified Ownership", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-862", "description": "CWE-862 Missing Authorization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-08-09T10:04:09", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://jetpack.com/2021/07/07/multiple-vulnerabilities-in-workreap-theme/"}, {"tags": ["x_refsource_MISC"], "url": "https://wpscan.com/vulnerability/66e4aaf4-5ef7-4da8-a45c-e24f449c363e"}], "source": {"discovery": "UNKNOWN"}, "title": "Workreap theme < 2.2.2 - Missing Authorization Checks in Ajax Actions", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "contact@wpscan.com", "ID": "CVE-2021-24501", "STATE": "PUBLIC", "TITLE": "Workreap theme < 2.2.2 - Missing Authorization Checks in Ajax Actions"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Workreap", "version": {"version_data": [{"version_affected": "<", "version_name": "2.2.2", "version_value": "2.2.2"}]}}]}, "vendor_name": "Unknown"}]}}, "credit": [{"lang": "eng", "value": "Harald Eilertsen (Jetpack)"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Workreap WordPress theme before 2.2.2 had several AJAX actions missing authorization checks to verify that a user was authorized to perform critical operations such as modifying or deleting objects. This allowed a logged in user to modify or delete objects belonging to other users on the site."}]}, "generator": "WPScan CVE Generator", "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-283 Unverified Ownership"}]}, {"description": [{"lang": "eng", "value": "CWE-862 Missing Authorization"}]}]}, "references": {"reference_data": [{"name": "https://jetpack.com/2021/07/07/multiple-vulnerabilities-in-workreap-theme/", "refsource": "MISC", "url": "https://jetpack.com/2021/07/07/multiple-vulnerabilities-in-workreap-theme/"}, {"name": "https://wpscan.com/vulnerability/66e4aaf4-5ef7-4da8-a45c-e24f449c363e", "refsource": "MISC", "url": "https://wpscan.com/vulnerability/66e4aaf4-5ef7-4da8-a45c-e24f449c363e"}]}, "source": {"discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2021-24501", "datePublished": "2021-08-09T10:04:09", "dateReserved": "2021-01-14T00:00:00", "dateUpdated": "2021-08-09T10:04:09", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:amentotech:workreap:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "765DAFC3-F01C-4AF6-B0B5-94CCECE97AE2", "versionEndExcluding": "2.2.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Workreap WordPress theme before 2.2.2 had several AJAX actions missing authorization checks to verify that a user was authorized to perform critical operations such as modifying or deleting objects. This allowed a logged in user to modify or delete objects belonging to other users on the site."}, {"lang": "es", "value": "El tema de Workreap WordPress versiones anteriores a 2.2.2, presentaban varias acciones AJAX que carec\u00edan de comprobaciones de autorizaci\u00f3n para verificar que un usuario estaba autorizado a llevar a cabo operaciones cr\u00edticas como la modificaci\u00f3n o la eliminaci\u00f3n de objetos. Esto permit\u00eda a un usuario conectado modificar o eliminar objetos pertenecientes a otros usuarios del sitio"}], "id": "CVE-2021-24501", "lastModified": "2021-08-17T21:07:46.687", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 5.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-08-09T10:15:07.553", "references": [{"source": "contact@wpscan.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://jetpack.com/2021/07/07/multiple-vulnerabilities-in-workreap-theme/"}, {"source": "contact@wpscan.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/66e4aaf4-5ef7-4da8-a45c-e24f449c363e"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-283"}, {"lang": "en", "value": "CWE-862"}], "source": "contact@wpscan.com", "type": "Primary"}]}