CVE-2021-24872 - OpenCVE

The Get Custom Field Values WordPress plugin before 4.0 allows users with a role as low as Contributor to access other posts metadata without validating the permissions. Eg. contributors can access admin posts metadata.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Get Custom Field Values Project	Get Custom Field Values

Configuration 1 [-]

cpe:2.3:a:get_custom_field_values_project:get_custom_field_values:*:*:*:*:*:wordpress:*:*

References

Link	Resource
https://wpscan.com/vulnerability/ec23734a-5ea7-4e46-aba9-3dee4e6dffb6	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: WPScan

Published: 2021-12-13T10:41:16

Updated: 2021-12-13T10:41:16

Reserved: 2021-01-14T00:00:00

Link: CVE-2021-24872

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-12-13T11:15:09.373

Modified: 2021-12-15T21:09:01.617

Link: CVE-2021-24872

JSON object: View

Redhat Information

No data.

CWE

CWE-863

{"containers": {"cna": {"affected": [{"product": "Get Custom Field Values", "vendor": "Unknown", "versions": [{"lessThan": "4.0", "status": "affected", "version": "4.0", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Francesco Carlucci"}], "descriptions": [{"lang": "en", "value": "The Get Custom Field Values WordPress plugin before 4.0 allows users with a role as low as Contributor to access other posts metadata without validating the permissions. Eg. contributors can access admin posts metadata."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-863", "description": "CWE-863 Incorrect Authorization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-12-13T10:41:16", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://wpscan.com/vulnerability/ec23734a-5ea7-4e46-aba9-3dee4e6dffb6"}], "source": {"discovery": "EXTERNAL"}, "title": "Get Custom Field Values < 4.0 - Contributors+ Arbitrary Post Metadata Access", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "contact@wpscan.com", "ID": "CVE-2021-24872", "STATE": "PUBLIC", "TITLE": "Get Custom Field Values < 4.0 - Contributors+ Arbitrary Post Metadata Access"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Get Custom Field Values", "version": {"version_data": [{"version_affected": "<", "version_name": "4.0", "version_value": "4.0"}]}}]}, "vendor_name": "Unknown"}]}}, "credit": [{"lang": "eng", "value": "Francesco Carlucci"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Get Custom Field Values WordPress plugin before 4.0 allows users with a role as low as Contributor to access other posts metadata without validating the permissions. Eg. contributors can access admin posts metadata."}]}, "generator": "WPScan CVE Generator", "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-863 Incorrect Authorization"}]}]}, "references": {"reference_data": [{"name": "https://wpscan.com/vulnerability/ec23734a-5ea7-4e46-aba9-3dee4e6dffb6", "refsource": "MISC", "url": "https://wpscan.com/vulnerability/ec23734a-5ea7-4e46-aba9-3dee4e6dffb6"}]}, "source": {"discovery": "EXTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2021-24872", "datePublished": "2021-12-13T10:41:16", "dateReserved": "2021-01-14T00:00:00", "dateUpdated": "2021-12-13T10:41:16", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:get_custom_field_values_project:get_custom_field_values:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "5C67C93C-F9BF-4812-BB3B-3DE44537D1AA", "versionEndExcluding": "4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Get Custom Field Values WordPress plugin before 4.0 allows users with a role as low as Contributor to access other posts metadata without validating the permissions. Eg. contributors can access admin posts metadata."}, {"lang": "es", "value": "El plugin Get Custom Field Values de WordPress versiones anteriores a 4.0, permite a usuarios con un rol tan bajo como el de Colaborador acceder a los metadatos de otras entradas sin comprobar los permisos. Por ejemplo, los colaboradores pueden acceder a los metadatos de las entradas de los administradores"}], "id": "CVE-2021-24872", "lastModified": "2021-12-15T21:09:01.617", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-12-13T11:15:09.373", "references": [{"source": "contact@wpscan.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/ec23734a-5ea7-4e46-aba9-3dee4e6dffb6"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "contact@wpscan.com", "type": "Primary"}]}