CVE-2021-24758 - OpenCVE

The Email Log WordPress plugin before 2.4.7 does not properly validate, sanitise and escape the "orderby" and "order" GET parameters before using them in SQL statement in the admin dashboard, leading to SQL injections

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Email Log Project	Email Log

Configuration 1 [-]

cpe:2.3:a:email_log_project:email_log:*:*:*:*:*:wordpress:*:*

References

Link	Resource
https://wpscan.com/vulnerability/8dd70db4-5845-440d-8b1d-012738abaac2	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: WPScan

Published: 2021-11-17T10:15:34

Updated: 2021-11-17T10:15:33

Reserved: 2021-01-14T00:00:00

Link: CVE-2021-24758

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-11-17T11:15:07.613

Modified: 2021-11-19T08:16:57.657

Link: CVE-2021-24758

JSON object: View

Redhat Information

No data.

CWE

CWE-89

{"containers": {"cna": {"affected": [{"product": "Email Log", "vendor": "Unknown", "versions": [{"lessThan": "2.4.7", "status": "affected", "version": "2.4.7", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "bl4derunner"}], "descriptions": [{"lang": "en", "value": "The Email Log WordPress plugin before 2.4.7 does not properly validate, sanitise and escape the \"orderby\" and \"order\" GET parameters before using them in SQL statement in the admin dashboard, leading to SQL injections"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "description": "CWE-89 SQL Injection", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-11-17T10:15:33", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://wpscan.com/vulnerability/8dd70db4-5845-440d-8b1d-012738abaac2"}], "source": {"discovery": "EXTERNAL"}, "title": "Email Log < 2.4.7 - Admin+ SQL Injection", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "contact@wpscan.com", "ID": "CVE-2021-24758", "STATE": "PUBLIC", "TITLE": "Email Log < 2.4.7 - Admin+ SQL Injection"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Email Log", "version": {"version_data": [{"version_affected": "<", "version_name": "2.4.7", "version_value": "2.4.7"}]}}]}, "vendor_name": "Unknown"}]}}, "credit": [{"lang": "eng", "value": "bl4derunner"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Email Log WordPress plugin before 2.4.7 does not properly validate, sanitise and escape the \"orderby\" and \"order\" GET parameters before using them in SQL statement in the admin dashboard, leading to SQL injections"}]}, "generator": "WPScan CVE Generator", "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-89 SQL Injection"}]}]}, "references": {"reference_data": [{"name": "https://wpscan.com/vulnerability/8dd70db4-5845-440d-8b1d-012738abaac2", "refsource": "MISC", "url": "https://wpscan.com/vulnerability/8dd70db4-5845-440d-8b1d-012738abaac2"}]}, "source": {"discovery": "EXTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2021-24758", "datePublished": "2021-11-17T10:15:34", "dateReserved": "2021-01-14T00:00:00", "dateUpdated": "2021-11-17T10:15:33", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:email_log_project:email_log:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "ED359021-2FC8-4B87-8CEF-42C46AECEE84", "versionEndExcluding": "2.4.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Email Log WordPress plugin before 2.4.7 does not properly validate, sanitise and escape the \"orderby\" and \"order\" GET parameters before using them in SQL statement in the admin dashboard, leading to SQL injections"}, {"lang": "es", "value": "El plugin Email Log de WordPress versiones anteriores a 2.4.7, no comprueba, sanea y escapa de los par\u00e1metros GET \"orderby\" y \"order\" antes de usarlos en una sentencia SQL en el panel de administraci\u00f3n, conllevando a inyecciones SQL"}], "id": "CVE-2021-24758", "lastModified": "2021-11-19T08:16:57.657", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-11-17T11:15:07.613", "references": [{"source": "contact@wpscan.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/8dd70db4-5845-440d-8b1d-012738abaac2"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-89"}], "source": "contact@wpscan.com", "type": "Secondary"}]}