CVE-2021-24894 - OpenCVE

The Reviews Plus WordPress plugin before 1.2.14 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the review section when an authenticated user submit such rating and the reviews are set to be displayed on the post/page

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:S/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Implecode	Reviews Plus

Configuration 1 [-]

cpe:2.3:a:implecode:reviews_plus:*:*:*:*:*:wordpress:*:*

References

Link	Resource
https://plugins.trac.wordpress.org/changeset/2618234	Patch Third Party Advisory
https://wpscan.com/vulnerability/79bb5acb-ea56-41a9-83a1-28a181ae41e2	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: WPScan

Published: 2021-11-23T19:16:24

Updated: 2021-11-23T19:16:24

Reserved: 2021-01-14T00:00:00

Link: CVE-2021-24894

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-11-23T20:15:10.523

Modified: 2022-10-25T16:23:29.517

Link: CVE-2021-24894

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Reviews Plus", "vendor": "Unknown", "versions": [{"lessThan": "1.2.14", "status": "affected", "version": "1.2.14", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Drew Jones"}], "descriptions": [{"lang": "en", "value": "The Reviews Plus WordPress plugin before 1.2.14 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the review section when an authenticated user submit such rating and the reviews are set to be displayed on the post/page"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-191", "description": "CWE-191 Integer Underflow (Wrap or Wraparound)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-11-23T19:16:24", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://wpscan.com/vulnerability/79bb5acb-ea56-41a9-83a1-28a181ae41e2"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://plugins.trac.wordpress.org/changeset/2618234"}], "source": {"discovery": "EXTERNAL"}, "title": "Reviews Plus < 1.2.14 - Subscriber+ Reviews DoS", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "contact@wpscan.com", "ID": "CVE-2021-24894", "STATE": "PUBLIC", "TITLE": "Reviews Plus < 1.2.14 - Subscriber+ Reviews DoS"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Reviews Plus", "version": {"version_data": [{"version_affected": "<", "version_name": "1.2.14", "version_value": "1.2.14"}]}}]}, "vendor_name": "Unknown"}]}}, "credit": [{"lang": "eng", "value": "Drew Jones"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Reviews Plus WordPress plugin before 1.2.14 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the review section when an authenticated user submit such rating and the reviews are set to be displayed on the post/page"}]}, "generator": "WPScan CVE Generator", "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-191 Integer Underflow (Wrap or Wraparound)"}]}]}, "references": {"reference_data": [{"name": "https://wpscan.com/vulnerability/79bb5acb-ea56-41a9-83a1-28a181ae41e2", "refsource": "MISC", "url": "https://wpscan.com/vulnerability/79bb5acb-ea56-41a9-83a1-28a181ae41e2"}, {"name": "https://plugins.trac.wordpress.org/changeset/2618234", "refsource": "CONFIRM", "url": "https://plugins.trac.wordpress.org/changeset/2618234"}]}, "source": {"discovery": "EXTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2021-24894", "datePublished": "2021-11-23T19:16:24", "dateReserved": "2021-01-14T00:00:00", "dateUpdated": "2021-11-23T19:16:24", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:implecode:reviews_plus:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "6C200DDF-CD6F-45D9-8EC5-DE7B24F0EF4F", "versionEndExcluding": "1.2.14", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Reviews Plus WordPress plugin before 1.2.14 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the review section when an authenticated user submit such rating and the reviews are set to be displayed on the post/page"}, {"lang": "es", "value": "El plugin Reviews Plus de WordPress versiones anteriores a 1.2.14, no comprueba la valoraci\u00f3n enviada, permitiendo el env\u00edo de enteros largos, causando una Denegaci\u00f3n de Servicio en la secci\u00f3n de valoraciones cuando un usuario autenticado env\u00eda dicha valoraci\u00f3n y las valoraciones est\u00e1n configuradas para ser mostradas en el post/p\u00e1gina"}], "id": "CVE-2021-24894", "lastModified": "2022-10-25T16:23:29.517", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-11-23T20:15:10.523", "references": [{"source": "contact@wpscan.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://plugins.trac.wordpress.org/changeset/2618234"}, {"source": "contact@wpscan.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/79bb5acb-ea56-41a9-83a1-28a181ae41e2"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-191"}], "source": "contact@wpscan.com", "type": "Secondary"}]}