Search

Find a vulnerability

Search criteria

    6 vulnerabilities by de-baat

    CVE-2025-0865 (GCVE-0-2025-0865)

    Vulnerability from nvd – Published: 2025-02-19 07:32 – Updated: 2025-02-19 21:18
    VLAI
    Title
    WP Media Category Management 2.0 - 2.3.3 - Cross-Site Request Forgery to Settings Update
    Summary
    The WP Media Category Management plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 2.0 to 2.3.3. This is due to missing or incorrect nonce validation on the wp_mcm_handle_action_settings() function. This makes it possible for unauthenticated attackers to alter plugin settings, such as the taxonomy used for media, the base slug for media categories, and the default media category via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-352 - Cross-Site Request Forgery (CSRF)
    Assigner
    Impacted products
    Vendor Product Version
    debaat WP Media Category Management Affected: 2.0 , ≤ 2.3.3 (semver)
    Create a notification for this product.
    Credits
    lucky_buddy
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-0865",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-19T21:18:07.731811Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-19T21:18:21.055Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "WP Media Category Management",
              "vendor": "debaat",
              "versions": [
                {
                  "lessThanOrEqual": "2.3.3",
                  "status": "affected",
                  "version": "2.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "lucky_buddy"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The WP Media Category Management plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 2.0 to 2.3.3. This is due to missing or incorrect nonce validation on the wp_mcm_handle_action_settings() function. This makes it possible for unauthenticated attackers to alter plugin settings, such as the taxonomy used for media, the base slug for media categories, and the default media category via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-352",
                  "description": "CWE-352 Cross-Site Request Forgery (CSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-19T07:32:05.707Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0d42ca2f-f061-4cd1-812b-46d42c440498?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/wp-media-category-management/trunk/include/admin/class-WP_MCM_Settings.php"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/wp-media-category-management/tags/2.3.3/include/admin/class-WP_MCM_Render_Settings.php"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/wp-media-category-management/trunk/include/class-WP_MCM_Options.php"
            },
            {
              "url": "https://wordpress.org/plugins/wp-media-category-management/#developers"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3242626/wp-media-category-management/trunk/include/admin/class-WP_MCM_Settings.php"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-02-18T19:23:39.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "WP Media Category Management 2.0 - 2.3.3 - Cross-Site Request Forgery to Settings Update"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2025-0865",
        "datePublished": "2025-02-19T07:32:05.707Z",
        "dateReserved": "2025-01-29T22:18:10.528Z",
        "dateUpdated": "2025-02-19T21:18:21.055Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-24290 (GCVE-0-2021-24290)

    Vulnerability from nvd – Published: 2021-05-17 16:48 – Updated: 2024-08-03 19:28
    VLAI
    Title
    Store Locator Plus <= 5.5.15 - Unauthenticated Stored Cross-Site Scripting (XSS)
    Summary
    There are several endpoints in the Store Locator Plus for WordPress plugin through 5.5.15 that could allow unauthenticated attackers the ability to inject malicious JavaScript into pages.
    Severity
    No CVSS data available.
    CWE
    • CWE-79 - Cross-site Scripting (XSS)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Store Locator Plus® Store Locator Plus for WordPress Affected: 5.5.15 , ≤ 5.5.15 (custom)
    Create a notification for this product.
    Credits
    Chloe Chamberland
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T19:28:23.307Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://wpscan.com/vulnerability/dc368484-f2fe-4c76-ba3d-e00e7f633719"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/blog/2021/04/severe-unpatched-vulnerabilities-leads-to-closure-of-store-locator-plus-plugin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Store Locator Plus for WordPress",
              "vendor": "Store Locator Plus\u00ae",
              "versions": [
                {
                  "lessThanOrEqual": "5.5.15",
                  "status": "affected",
                  "version": "5.5.15",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Chloe Chamberland"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There are several endpoints in the Store Locator Plus for WordPress plugin through 5.5.15 that could allow unauthenticated attackers the ability to inject malicious JavaScript into pages."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Cross-site Scripting (XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-05-17T16:48:53.000Z",
            "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            "shortName": "WPScan"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://wpscan.com/vulnerability/dc368484-f2fe-4c76-ba3d-e00e7f633719"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.wordfence.com/blog/2021/04/severe-unpatched-vulnerabilities-leads-to-closure-of-store-locator-plus-plugin"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Store Locator Plus \u003c= 5.5.15 - Unauthenticated Stored Cross-Site Scripting (XSS)",
          "x_generator": "WPScan CVE Generator",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "contact@wpscan.com",
              "ID": "CVE-2021-24290",
              "STATE": "PUBLIC",
              "TITLE": "Store Locator Plus \u003c= 5.5.15 - Unauthenticated Stored Cross-Site Scripting (XSS)"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Store Locator Plus for WordPress",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "5.5.15",
                                "version_value": "5.5.15"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Store Locator Plus\u00ae"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Chloe Chamberland"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There are several endpoints in the Store Locator Plus for WordPress plugin through 5.5.15 that could allow unauthenticated attackers the ability to inject malicious JavaScript into pages."
                }
              ]
            },
            "generator": "WPScan CVE Generator",
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79 Cross-site Scripting (XSS)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wpscan.com/vulnerability/dc368484-f2fe-4c76-ba3d-e00e7f633719",
                  "refsource": "CONFIRM",
                  "url": "https://wpscan.com/vulnerability/dc368484-f2fe-4c76-ba3d-e00e7f633719"
                },
                {
                  "name": "https://www.wordfence.com/blog/2021/04/severe-unpatched-vulnerabilities-leads-to-closure-of-store-locator-plus-plugin",
                  "refsource": "MISC",
                  "url": "https://www.wordfence.com/blog/2021/04/severe-unpatched-vulnerabilities-leads-to-closure-of-store-locator-plus-plugin"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "assignerShortName": "WPScan",
        "cveId": "CVE-2021-24290",
        "datePublished": "2021-05-17T16:48:53.000Z",
        "dateReserved": "2021-01-14T00:00:00.000Z",
        "dateUpdated": "2024-08-03T19:28:23.307Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-24289 (GCVE-0-2021-24289)

    Vulnerability from nvd – Published: 2021-05-17 16:48 – Updated: 2024-08-03 19:28
    VLAI
    Title
    Store Locator Plus <= 5.5.14 - Authenticated Privilege Escalation
    Summary
    There is functionality in the Store Locator Plus for WordPress plugin through 5.5.14 that made it possible for authenticated users to update their user meta data to become an administrator on any site using the plugin.
    Severity
    No CVSS data available.
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    References
    Impacted products
    Vendor Product Version
    Store Locator Plus Store Locator Plus for WordPress Affected: 5.5.14 , ≤ 5.5.14 (custom)
    Create a notification for this product.
    Credits
    Chloe Chamberland
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T19:28:23.205Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://wpscan.com/vulnerability/078e93cd-7cf2-4e23-8171-58d44e354d62"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/blog/2021/04/severe-unpatched-vulnerabilities-leads-to-closure-of-store-locator-plus-plugin/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Store Locator Plus for WordPress",
              "vendor": "Store Locator Plus",
              "versions": [
                {
                  "lessThanOrEqual": "5.5.14",
                  "status": "affected",
                  "version": "5.5.14",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Chloe Chamberland"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There is functionality in the Store Locator Plus for WordPress plugin through 5.5.14 that made it possible for authenticated users to update their user meta data to become an administrator on any site using the plugin."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-05-17T16:48:52.000Z",
            "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            "shortName": "WPScan"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://wpscan.com/vulnerability/078e93cd-7cf2-4e23-8171-58d44e354d62"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.wordfence.com/blog/2021/04/severe-unpatched-vulnerabilities-leads-to-closure-of-store-locator-plus-plugin/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Store Locator Plus \u003c= 5.5.14 - Authenticated Privilege Escalation",
          "x_generator": "WPScan CVE Generator",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "contact@wpscan.com",
              "ID": "CVE-2021-24289",
              "STATE": "PUBLIC",
              "TITLE": "Store Locator Plus \u003c= 5.5.14 - Authenticated Privilege Escalation"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Store Locator Plus for WordPress",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "5.5.14",
                                "version_value": "5.5.14"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Store Locator Plus"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Chloe Chamberland"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is functionality in the Store Locator Plus for WordPress plugin through 5.5.14 that made it possible for authenticated users to update their user meta data to become an administrator on any site using the plugin."
                }
              ]
            },
            "generator": "WPScan CVE Generator",
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-269 Improper Privilege Management"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wpscan.com/vulnerability/078e93cd-7cf2-4e23-8171-58d44e354d62",
                  "refsource": "CONFIRM",
                  "url": "https://wpscan.com/vulnerability/078e93cd-7cf2-4e23-8171-58d44e354d62"
                },
                {
                  "name": "https://www.wordfence.com/blog/2021/04/severe-unpatched-vulnerabilities-leads-to-closure-of-store-locator-plus-plugin/",
                  "refsource": "MISC",
                  "url": "https://www.wordfence.com/blog/2021/04/severe-unpatched-vulnerabilities-leads-to-closure-of-store-locator-plus-plugin/"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "assignerShortName": "WPScan",
        "cveId": "CVE-2021-24289",
        "datePublished": "2021-05-17T16:48:52.000Z",
        "dateReserved": "2021-01-14T00:00:00.000Z",
        "dateUpdated": "2024-08-03T19:28:23.205Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-0865 (GCVE-0-2025-0865)

    Vulnerability from cvelistv5 – Published: 2025-02-19 07:32 – Updated: 2025-02-19 21:18
    VLAI
    Title
    WP Media Category Management 2.0 - 2.3.3 - Cross-Site Request Forgery to Settings Update
    Summary
    The WP Media Category Management plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 2.0 to 2.3.3. This is due to missing or incorrect nonce validation on the wp_mcm_handle_action_settings() function. This makes it possible for unauthenticated attackers to alter plugin settings, such as the taxonomy used for media, the base slug for media categories, and the default media category via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-352 - Cross-Site Request Forgery (CSRF)
    Assigner
    Impacted products
    Vendor Product Version
    debaat WP Media Category Management Affected: 2.0 , ≤ 2.3.3 (semver)
    Create a notification for this product.
    Credits
    lucky_buddy
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-0865",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-19T21:18:07.731811Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-19T21:18:21.055Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "WP Media Category Management",
              "vendor": "debaat",
              "versions": [
                {
                  "lessThanOrEqual": "2.3.3",
                  "status": "affected",
                  "version": "2.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "lucky_buddy"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The WP Media Category Management plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 2.0 to 2.3.3. This is due to missing or incorrect nonce validation on the wp_mcm_handle_action_settings() function. This makes it possible for unauthenticated attackers to alter plugin settings, such as the taxonomy used for media, the base slug for media categories, and the default media category via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-352",
                  "description": "CWE-352 Cross-Site Request Forgery (CSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-19T07:32:05.707Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0d42ca2f-f061-4cd1-812b-46d42c440498?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/wp-media-category-management/trunk/include/admin/class-WP_MCM_Settings.php"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/wp-media-category-management/tags/2.3.3/include/admin/class-WP_MCM_Render_Settings.php"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/wp-media-category-management/trunk/include/class-WP_MCM_Options.php"
            },
            {
              "url": "https://wordpress.org/plugins/wp-media-category-management/#developers"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3242626/wp-media-category-management/trunk/include/admin/class-WP_MCM_Settings.php"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-02-18T19:23:39.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "WP Media Category Management 2.0 - 2.3.3 - Cross-Site Request Forgery to Settings Update"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2025-0865",
        "datePublished": "2025-02-19T07:32:05.707Z",
        "dateReserved": "2025-01-29T22:18:10.528Z",
        "dateUpdated": "2025-02-19T21:18:21.055Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-24290 (GCVE-0-2021-24290)

    Vulnerability from cvelistv5 – Published: 2021-05-17 16:48 – Updated: 2024-08-03 19:28
    VLAI
    Title
    Store Locator Plus <= 5.5.15 - Unauthenticated Stored Cross-Site Scripting (XSS)
    Summary
    There are several endpoints in the Store Locator Plus for WordPress plugin through 5.5.15 that could allow unauthenticated attackers the ability to inject malicious JavaScript into pages.
    Severity
    No CVSS data available.
    CWE
    • CWE-79 - Cross-site Scripting (XSS)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Store Locator Plus® Store Locator Plus for WordPress Affected: 5.5.15 , ≤ 5.5.15 (custom)
    Create a notification for this product.
    Credits
    Chloe Chamberland
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T19:28:23.307Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://wpscan.com/vulnerability/dc368484-f2fe-4c76-ba3d-e00e7f633719"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/blog/2021/04/severe-unpatched-vulnerabilities-leads-to-closure-of-store-locator-plus-plugin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Store Locator Plus for WordPress",
              "vendor": "Store Locator Plus\u00ae",
              "versions": [
                {
                  "lessThanOrEqual": "5.5.15",
                  "status": "affected",
                  "version": "5.5.15",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Chloe Chamberland"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There are several endpoints in the Store Locator Plus for WordPress plugin through 5.5.15 that could allow unauthenticated attackers the ability to inject malicious JavaScript into pages."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Cross-site Scripting (XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-05-17T16:48:53.000Z",
            "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            "shortName": "WPScan"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://wpscan.com/vulnerability/dc368484-f2fe-4c76-ba3d-e00e7f633719"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.wordfence.com/blog/2021/04/severe-unpatched-vulnerabilities-leads-to-closure-of-store-locator-plus-plugin"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Store Locator Plus \u003c= 5.5.15 - Unauthenticated Stored Cross-Site Scripting (XSS)",
          "x_generator": "WPScan CVE Generator",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "contact@wpscan.com",
              "ID": "CVE-2021-24290",
              "STATE": "PUBLIC",
              "TITLE": "Store Locator Plus \u003c= 5.5.15 - Unauthenticated Stored Cross-Site Scripting (XSS)"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Store Locator Plus for WordPress",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "5.5.15",
                                "version_value": "5.5.15"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Store Locator Plus\u00ae"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Chloe Chamberland"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There are several endpoints in the Store Locator Plus for WordPress plugin through 5.5.15 that could allow unauthenticated attackers the ability to inject malicious JavaScript into pages."
                }
              ]
            },
            "generator": "WPScan CVE Generator",
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79 Cross-site Scripting (XSS)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wpscan.com/vulnerability/dc368484-f2fe-4c76-ba3d-e00e7f633719",
                  "refsource": "CONFIRM",
                  "url": "https://wpscan.com/vulnerability/dc368484-f2fe-4c76-ba3d-e00e7f633719"
                },
                {
                  "name": "https://www.wordfence.com/blog/2021/04/severe-unpatched-vulnerabilities-leads-to-closure-of-store-locator-plus-plugin",
                  "refsource": "MISC",
                  "url": "https://www.wordfence.com/blog/2021/04/severe-unpatched-vulnerabilities-leads-to-closure-of-store-locator-plus-plugin"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "assignerShortName": "WPScan",
        "cveId": "CVE-2021-24290",
        "datePublished": "2021-05-17T16:48:53.000Z",
        "dateReserved": "2021-01-14T00:00:00.000Z",
        "dateUpdated": "2024-08-03T19:28:23.307Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-24289 (GCVE-0-2021-24289)

    Vulnerability from cvelistv5 – Published: 2021-05-17 16:48 – Updated: 2024-08-03 19:28
    VLAI
    Title
    Store Locator Plus <= 5.5.14 - Authenticated Privilege Escalation
    Summary
    There is functionality in the Store Locator Plus for WordPress plugin through 5.5.14 that made it possible for authenticated users to update their user meta data to become an administrator on any site using the plugin.
    Severity
    No CVSS data available.
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    References
    Impacted products
    Vendor Product Version
    Store Locator Plus Store Locator Plus for WordPress Affected: 5.5.14 , ≤ 5.5.14 (custom)
    Create a notification for this product.
    Credits
    Chloe Chamberland
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T19:28:23.205Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://wpscan.com/vulnerability/078e93cd-7cf2-4e23-8171-58d44e354d62"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/blog/2021/04/severe-unpatched-vulnerabilities-leads-to-closure-of-store-locator-plus-plugin/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Store Locator Plus for WordPress",
              "vendor": "Store Locator Plus",
              "versions": [
                {
                  "lessThanOrEqual": "5.5.14",
                  "status": "affected",
                  "version": "5.5.14",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Chloe Chamberland"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There is functionality in the Store Locator Plus for WordPress plugin through 5.5.14 that made it possible for authenticated users to update their user meta data to become an administrator on any site using the plugin."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-05-17T16:48:52.000Z",
            "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            "shortName": "WPScan"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://wpscan.com/vulnerability/078e93cd-7cf2-4e23-8171-58d44e354d62"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.wordfence.com/blog/2021/04/severe-unpatched-vulnerabilities-leads-to-closure-of-store-locator-plus-plugin/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Store Locator Plus \u003c= 5.5.14 - Authenticated Privilege Escalation",
          "x_generator": "WPScan CVE Generator",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "contact@wpscan.com",
              "ID": "CVE-2021-24289",
              "STATE": "PUBLIC",
              "TITLE": "Store Locator Plus \u003c= 5.5.14 - Authenticated Privilege Escalation"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Store Locator Plus for WordPress",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "5.5.14",
                                "version_value": "5.5.14"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Store Locator Plus"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Chloe Chamberland"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is functionality in the Store Locator Plus for WordPress plugin through 5.5.14 that made it possible for authenticated users to update their user meta data to become an administrator on any site using the plugin."
                }
              ]
            },
            "generator": "WPScan CVE Generator",
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-269 Improper Privilege Management"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wpscan.com/vulnerability/078e93cd-7cf2-4e23-8171-58d44e354d62",
                  "refsource": "CONFIRM",
                  "url": "https://wpscan.com/vulnerability/078e93cd-7cf2-4e23-8171-58d44e354d62"
                },
                {
                  "name": "https://www.wordfence.com/blog/2021/04/severe-unpatched-vulnerabilities-leads-to-closure-of-store-locator-plus-plugin/",
                  "refsource": "MISC",
                  "url": "https://www.wordfence.com/blog/2021/04/severe-unpatched-vulnerabilities-leads-to-closure-of-store-locator-plus-plugin/"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "assignerShortName": "WPScan",
        "cveId": "CVE-2021-24289",
        "datePublished": "2021-05-17T16:48:52.000Z",
        "dateReserved": "2021-01-14T00:00:00.000Z",
        "dateUpdated": "2024-08-03T19:28:23.205Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }