CVE-2022-1577 - OpenCVE

The Database Backup for WordPress plugin before 2.5.2 does not have CSRF check in place when updating the schedule backup settings, which could allow an attacker to make a logged in admin change them via a CSRF attack. This could lead to cases where attackers can send backup notification emails to themselves, which contain more details. Or disable the automatic backup schedule

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Deliciousbrains	Database Backup

Configuration 1 [-]

cpe:2.3:a:deliciousbrains:database_backup:*:*:*:*:*:wordpress:*:*

References

Link	Resource
https://wpscan.com/vulnerability/39388900-266d-4308-88e7-d40ca6bbe346	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: WPScan

Published: 2022-06-06T08:51:09

Updated: 2022-06-06T08:51:09

Reserved: 2022-05-04T00:00:00

Link: CVE-2022-1577

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-06-08T10:15:09.843

Modified: 2022-06-15T14:48:33.687

Link: CVE-2022-1577

JSON object: View

Redhat Information

No data.

CWE

CWE-352

{"containers": {"cna": {"affected": [{"product": "Database Backup for WordPress", "vendor": "Unknown", "versions": [{"lessThan": "2.5.2", "status": "affected", "version": "2.5.2", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Daniel Ruf"}], "descriptions": [{"lang": "en", "value": "The Database Backup for WordPress plugin before 2.5.2 does not have CSRF check in place when updating the schedule backup settings, which could allow an attacker to make a logged in admin change them via a CSRF attack. This could lead to cases where attackers can send backup notification emails to themselves, which contain more details. Or disable the automatic backup schedule"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-06-06T08:51:09", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://wpscan.com/vulnerability/39388900-266d-4308-88e7-d40ca6bbe346"}], "source": {"discovery": "EXTERNAL"}, "title": "Database Backup for WordPress < 2.5.2 - Arbitrary Schedule Settings Update via CSRF", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "contact@wpscan.com", "ID": "CVE-2022-1577", "STATE": "PUBLIC", "TITLE": "Database Backup for WordPress < 2.5.2 - Arbitrary Schedule Settings Update via CSRF"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Database Backup for WordPress", "version": {"version_data": [{"version_affected": "<", "version_name": "2.5.2", "version_value": "2.5.2"}]}}]}, "vendor_name": "Unknown"}]}}, "credit": [{"lang": "eng", "value": "Daniel Ruf"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Database Backup for WordPress plugin before 2.5.2 does not have CSRF check in place when updating the schedule backup settings, which could allow an attacker to make a logged in admin change them via a CSRF attack. This could lead to cases where attackers can send backup notification emails to themselves, which contain more details. Or disable the automatic backup schedule"}]}, "generator": "WPScan CVE Generator", "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-352 Cross-Site Request Forgery (CSRF)"}]}]}, "references": {"reference_data": [{"name": "https://wpscan.com/vulnerability/39388900-266d-4308-88e7-d40ca6bbe346", "refsource": "MISC", "url": "https://wpscan.com/vulnerability/39388900-266d-4308-88e7-d40ca6bbe346"}]}, "source": {"discovery": "EXTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2022-1577", "datePublished": "2022-06-06T08:51:09", "dateReserved": "2022-05-04T00:00:00", "dateUpdated": "2022-06-06T08:51:09", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:deliciousbrains:database_backup:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "EF7D8057-9485-4A36-A93D-375E1C7FC8DA", "versionEndExcluding": "2.5.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Database Backup for WordPress plugin before 2.5.2 does not have CSRF check in place when updating the schedule backup settings, which could allow an attacker to make a logged in admin change them via a CSRF attack. This could lead to cases where attackers can send backup notification emails to themselves, which contain more details. Or disable the automatic backup schedule"}, {"lang": "es", "value": "El plugin Database Backup para WordPress versiones anteriores a 2.5.2, no presenta una comprobaci\u00f3n de tipo CSRF cuando es actualizada la configuraci\u00f3n de las copias de seguridad programadas, lo que podr\u00eda permitir a un atacante hacer que un administrador conectado las cambie por medio de un ataque de tipo CSRF. Esto podr\u00eda conllevar casos en los que los atacantes puedan enviarse a s\u00ed mismos correos electr\u00f3nicos de notificaci\u00f3n de copias de seguridad, que contienen m\u00e1s detalles. O deshabilitar la programaci\u00f3n de copias de seguridad autom\u00e1ticas"}], "id": "CVE-2022-1577", "lastModified": "2022-06-15T14:48:33.687", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-06-08T10:15:09.843", "references": [{"source": "contact@wpscan.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/39388900-266d-4308-88e7-d40ca6bbe346"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-352"}], "source": "contact@wpscan.com", "type": "Secondary"}]}