CVE-2021-24824 - OpenCVE

The [field] shortcode included with the Custom Content Shortcode WordPress plugin before 4.0.1, allows authenticated users with a role as low as contributor, to access arbitrary post metadata. This could lead to sensitive data disclosure, for example when used in combination with WooCommerce, the email address of orders can be retrieved

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Custom Content Shortcode Project	Custom Content Shortcode

Configuration 1 [-]

cpe:2.3:a:custom_content_shortcode_project:custom_content_shortcode:*:*:*:*:*:wordpress:*:*

References

Link	Resource
https://wpscan.com/vulnerability/7b4d4675-6089-4435-9b56-31496adc4767	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: WPScan

Published: 2022-03-07T08:16:03

Updated: 2022-03-07T08:16:03

Reserved: 2021-01-14T00:00:00

Link: CVE-2021-24824

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-03-07T09:15:08.147

Modified: 2022-04-12T16:05:55.333

Link: CVE-2021-24824

JSON object: View

Redhat Information

No data.

CWE

CWE-863

{"containers": {"cna": {"affected": [{"product": "Custom Content Shortcode", "vendor": "Unknown", "versions": [{"lessThan": "4.0.1", "status": "affected", "version": "4.0.1", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Francesco Carlucci"}], "descriptions": [{"lang": "en", "value": "The [field] shortcode included with the Custom Content Shortcode WordPress plugin before 4.0.1, allows authenticated users with a role as low as contributor, to access arbitrary post metadata. This could lead to sensitive data disclosure, for example when used in combination with WooCommerce, the email address of orders can be retrieved"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-863", "description": "CWE-863 Incorrect Authorization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-03-07T08:16:03", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://wpscan.com/vulnerability/7b4d4675-6089-4435-9b56-31496adc4767"}], "source": {"discovery": "EXTERNAL"}, "title": "Custom Content Shortcode < 4.0.1 - Unauthorised Arbitrary Post Metadata Access", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "contact@wpscan.com", "ID": "CVE-2021-24824", "STATE": "PUBLIC", "TITLE": "Custom Content Shortcode < 4.0.1 - Unauthorised Arbitrary Post Metadata Access"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Custom Content Shortcode", "version": {"version_data": [{"version_affected": "<", "version_name": "4.0.1", "version_value": "4.0.1"}]}}]}, "vendor_name": "Unknown"}]}}, "credit": [{"lang": "eng", "value": "Francesco Carlucci"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The [field] shortcode included with the Custom Content Shortcode WordPress plugin before 4.0.1, allows authenticated users with a role as low as contributor, to access arbitrary post metadata. This could lead to sensitive data disclosure, for example when used in combination with WooCommerce, the email address of orders can be retrieved"}]}, "generator": "WPScan CVE Generator", "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-863 Incorrect Authorization"}]}]}, "references": {"reference_data": [{"name": "https://wpscan.com/vulnerability/7b4d4675-6089-4435-9b56-31496adc4767", "refsource": "MISC", "url": "https://wpscan.com/vulnerability/7b4d4675-6089-4435-9b56-31496adc4767"}]}, "source": {"discovery": "EXTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2021-24824", "datePublished": "2022-03-07T08:16:03", "dateReserved": "2021-01-14T00:00:00", "dateUpdated": "2022-03-07T08:16:03", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:custom_content_shortcode_project:custom_content_shortcode:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "57FDBDC1-3F0D-4862-ACBC-8B267498170E", "versionEndExcluding": "4.0.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The [field] shortcode included with the Custom Content Shortcode WordPress plugin before 4.0.1, allows authenticated users with a role as low as contributor, to access arbitrary post metadata. This could lead to sensitive data disclosure, for example when used in combination with WooCommerce, the email address of orders can be retrieved"}, {"lang": "es", "value": "El shortcode [field] incluido en el plugin Custom Content Shortcode de WordPress versiones anteriores a 4.0.1, permite a usuarios autenticados con un rol tan bajo como el de colaborador, acceder a metadatos arbitrarios de la entrada. Esto podr\u00eda conllevar a una divulgaci\u00f3n de datos confidenciales, por ejemplo, cuando es usado en combinaci\u00f3n con WooCommerce, puede recuperarse la direcci\u00f3n de correo electr\u00f3nico de los pedidos"}], "id": "CVE-2021-24824", "lastModified": "2022-04-12T16:05:55.333", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-03-07T09:15:08.147", "references": [{"source": "contact@wpscan.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/7b4d4675-6089-4435-9b56-31496adc4767"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-863"}], "source": "contact@wpscan.com", "type": "Secondary"}]}