CVE-2022-2198 - OpenCVE

The WPQA Builder WordPress plugin before 5.7 which is a companion plugin to the Hilmer and Discy , does not check authorization before displaying private messages, allowing any logged in user to read other users private message using the message id, which can easily be brute forced.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
2code	Wpqa Builder

Configuration 1 [-]

cpe:2.3:a:2code:wpqa_builder:*:*:*:*:*:wordpress:*:*

References

Link	Resource
https://wpscan.com/vulnerability/867248f2-d497-4ea8-b3f8-0f2e8aaaa2bd	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: WPScan

Published: 2022-08-22T15:00:17

Updated: 2022-08-22T15:00:17

Reserved: 2022-06-24T00:00:00

Link: CVE-2022-2198

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-08-22T15:15:14.337

Modified: 2022-08-25T02:43:30.067

Link: CVE-2022-2198

JSON object: View

Redhat Information

No data.

CWE

CWE-639

{"containers": {"cna": {"affected": [{"product": "WPQA Builder", "vendor": "Unknown", "versions": [{"lessThan": "5.7", "status": "affected", "version": "5.7", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Bikram kharal"}], "descriptions": [{"lang": "en", "value": "The WPQA Builder WordPress plugin before 5.7 which is a companion plugin to the Hilmer and Discy , does not check authorization before displaying private messages, allowing any logged in user to read other users private message using the message id, which can easily be brute forced."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-639", "description": "CWE-639 Authorization Bypass Through User-Controlled Key", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-08-22T15:00:17", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://wpscan.com/vulnerability/867248f2-d497-4ea8-b3f8-0f2e8aaaa2bd"}], "source": {"discovery": "EXTERNAL"}, "title": "WPQA < 5.7 - Subscriber+ Private Message Disclosure via IDOR", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "contact@wpscan.com", "ID": "CVE-2022-2198", "STATE": "PUBLIC", "TITLE": "WPQA < 5.7 - Subscriber+ Private Message Disclosure via IDOR"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "WPQA Builder", "version": {"version_data": [{"version_affected": "<", "version_name": "5.7", "version_value": "5.7"}]}}]}, "vendor_name": "Unknown"}]}}, "credit": [{"lang": "eng", "value": "Bikram kharal"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The WPQA Builder WordPress plugin before 5.7 which is a companion plugin to the Hilmer and Discy , does not check authorization before displaying private messages, allowing any logged in user to read other users private message using the message id, which can easily be brute forced."}]}, "generator": "WPScan CVE Generator", "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-639 Authorization Bypass Through User-Controlled Key"}]}]}, "references": {"reference_data": [{"name": "https://wpscan.com/vulnerability/867248f2-d497-4ea8-b3f8-0f2e8aaaa2bd", "refsource": "MISC", "url": "https://wpscan.com/vulnerability/867248f2-d497-4ea8-b3f8-0f2e8aaaa2bd"}]}, "source": {"discovery": "EXTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2022-2198", "datePublished": "2022-08-22T15:00:17", "dateReserved": "2022-06-24T00:00:00", "dateUpdated": "2022-08-22T15:00:17", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}