Search criteria
4 vulnerabilities by designwall
CVE-2021-4408 (GCVE-0-2021-4408)
Vulnerability from cvelistv5 – Published: 2023-07-12 03:02 – Updated: 2026-04-08 17:10
VLAI
Title
DW Question & Answer <= 1.5.8 - Cross-Site Request Forgery Bypass
Summary
The DW Question & Answer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.8. This is due to missing or incorrect nonce validation on the update_answer() function. This makes it possible for unauthenticated attackers to update answers to questions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity
4.3 (Medium)
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
9 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| designwall | DW Question & Answer |
Affected:
0 , ≤ 1.5.8
(semver)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:23:10.722Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9852e499-f413-4218-9bac-6c2be62ecc32?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/dw-question-answer/trunk/inc/Handle.php#L138"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-4408",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T15:01:24.429453Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T15:06:57.296Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DW Question \u0026 Answer",
"vendor": "designwall",
"versions": [
{
"lessThanOrEqual": "1.5.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jerome Bruandet"
}
],
"descriptions": [
{
"lang": "en",
"value": "The DW Question \u0026 Answer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.8. This is due to missing or incorrect nonce validation on the update_answer() function. This makes it possible for unauthenticated attackers to update answers to questions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:10:39.670Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9852e499-f413-4218-9bac-6c2be62ecc32?source=cve"
},
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/"
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/"
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/"
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/"
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/"
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/"
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/"
},
{
"url": "https://plugins.trac.wordpress.org/browser/dw-question-answer/trunk/inc/Handle.php#L138"
}
],
"timeline": [
{
"lang": "en",
"time": "2021-06-21T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "DW Question \u0026 Answer \u003c= 1.5.8 - Cross-Site Request Forgery Bypass"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2021-4408",
"datePublished": "2023-07-12T03:02:02.414Z",
"dateReserved": "2023-07-11T14:42:44.627Z",
"dateUpdated": "2026-04-08T17:10:39.670Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-2423 (GCVE-0-2022-2423)
Vulnerability from cvelistv5 – Published: 2022-08-08 13:50 – Updated: 2024-08-03 00:39
VLAI
Title
DW Promobar <= 1.0.4 - Admin+ Stored Cross-Site Scripting
Summary
The DW Promobar WordPress plugin through 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup)
Severity
No CVSS data available.
CWE
- CWE-79 - Cross-Site Scripting (XSS)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/714b4f2b-3f17-47… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | DW Promobar |
Affected:
1.0.4 , ≤ 1.0.4
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:39:07.417Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/714b4f2b-3f17-4730-8c25-21d8da4cb8d2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DW Promobar",
"vendor": "Unknown",
"versions": [
{
"lessThanOrEqual": "1.0.4",
"status": "affected",
"version": "1.0.4",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Vinay Varma Mudunuri"
},
{
"lang": "en",
"value": "Krishna Harsha Kondaveeti"
}
],
"descriptions": [
{
"lang": "en",
"value": "The DW Promobar WordPress plugin through 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-08T13:50:23.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/714b4f2b-3f17-4730-8c25-21d8da4cb8d2"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "DW Promobar \u003c= 1.0.4 - Admin+ Stored Cross-Site Scripting",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2022-2423",
"STATE": "PUBLIC",
"TITLE": "DW Promobar \u003c= 1.0.4 - Admin+ Stored Cross-Site Scripting"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DW Promobar",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "1.0.4",
"version_value": "1.0.4"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Vinay Varma Mudunuri"
},
{
"lang": "eng",
"value": "Krishna Harsha Kondaveeti"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DW Promobar WordPress plugin through 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-Site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/714b4f2b-3f17-4730-8c25-21d8da4cb8d2",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/714b4f2b-3f17-4730-8c25-21d8da4cb8d2"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-2423",
"datePublished": "2022-08-08T13:50:23.000Z",
"dateReserved": "2022-07-15T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:39:07.417Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-24805 (GCVE-0-2021-24805)
Vulnerability from cvelistv5 – Published: 2022-04-25 15:50 – Updated: 2024-08-03 19:42
VLAI
Title
DW Question & Answer Pro <= 1.3.4 - Multiple CSRF
Summary
The DW Question & Answer Pro WordPress plugin through 1.3.4 does not properly check for CSRF in some of its functions, allowing attackers to make logged in users perform unwanted actions, such as update a comment or a question status.
Severity
No CVSS data available.
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/a6be3fcf-60f7-4f… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | DW Question Answer Pro |
Affected:
1.3.4 , ≤ 1.3.4
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:42:17.212Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/a6be3fcf-60f7-4f13-b773-871a7296113c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DW Question Answer Pro",
"vendor": "Unknown",
"versions": [
{
"lessThanOrEqual": "1.3.4",
"status": "affected",
"version": "1.3.4",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Brandon Roldan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The DW Question \u0026 Answer Pro WordPress plugin through 1.3.4 does not properly check for CSRF in some of its functions, allowing attackers to make logged in users perform unwanted actions, such as update a comment or a question status."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-25T15:50:43.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/a6be3fcf-60f7-4f13-b773-871a7296113c"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "DW Question \u0026 Answer Pro \u003c= 1.3.4 - Multiple CSRF",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24805",
"STATE": "PUBLIC",
"TITLE": "DW Question \u0026 Answer Pro \u003c= 1.3.4 - Multiple CSRF"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DW Question Answer Pro",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "1.3.4",
"version_value": "1.3.4"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Brandon Roldan"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DW Question \u0026 Answer Pro WordPress plugin through 1.3.4 does not properly check for CSRF in some of its functions, allowing attackers to make logged in users perform unwanted actions, such as update a comment or a question status."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/a6be3fcf-60f7-4f13-b773-871a7296113c",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/a6be3fcf-60f7-4f13-b773-871a7296113c"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24805",
"datePublished": "2022-04-25T15:50:43.000Z",
"dateReserved": "2021-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T19:42:17.212Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-24800 (GCVE-0-2021-24800)
Vulnerability from cvelistv5 – Published: 2022-04-25 15:50 – Updated: 2024-08-03 19:42
VLAI
Title
DW Question & Answer Pro <= 1.3.4 - Arbitrary Comment Edition via IDOR
Summary
The DW Question & Answer Pro WordPress plugin through 1.3.4 does not check that the comment to edit belongs to the user making the request, allowing any user to edit other comments.
Severity
No CVSS data available.
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/cd37ca81-d683-49… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | DW Question Answer Pro |
Affected:
1.3.4 , ≤ 1.3.4
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:42:17.205Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/cd37ca81-d683-4955-bc97-60204cb9c346"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DW Question Answer Pro",
"vendor": "Unknown",
"versions": [
{
"lessThanOrEqual": "1.3.4",
"status": "affected",
"version": "1.3.4",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Brandon Roldan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The DW Question \u0026 Answer Pro WordPress plugin through 1.3.4 does not check that the comment to edit belongs to the user making the request, allowing any user to edit other comments."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-25T15:50:41.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/cd37ca81-d683-4955-bc97-60204cb9c346"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "DW Question \u0026 Answer Pro \u003c= 1.3.4 - Arbitrary Comment Edition via IDOR",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24800",
"STATE": "PUBLIC",
"TITLE": "DW Question \u0026 Answer Pro \u003c= 1.3.4 - Arbitrary Comment Edition via IDOR"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DW Question Answer Pro",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "1.3.4",
"version_value": "1.3.4"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Brandon Roldan"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DW Question \u0026 Answer Pro WordPress plugin through 1.3.4 does not check that the comment to edit belongs to the user making the request, allowing any user to edit other comments."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-639 Authorization Bypass Through User-Controlled Key"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/cd37ca81-d683-4955-bc97-60204cb9c346",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/cd37ca81-d683-4955-bc97-60204cb9c346"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24800",
"datePublished": "2022-04-25T15:50:41.000Z",
"dateReserved": "2021-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T19:42:17.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}