CVE-2021-24998 (GCVE-0-2021-24998)

Vulnerability from cvelistv5 – Published: 2021-12-27 10:33 – Updated: 2024-08-03 19:49
VLAI
Title
Simple JWT Login < 3.3.0 - Insecure Password Creation
Summary
The Simple JWT Login WordPress plugin before 3.3.0 can be used to create new WordPress user accounts with a randomly generated password. The password is generated using the str_shuffle PHP function that "does not generate cryptographically secure values, and should not be used for cryptographic purposes" according to PHP's documentation.
Severity
No CVSS data available.
CWE
Assigner
References
Impacted products
Vendor Product Version
Unknown Simple JWT Login Affected: 0 , < 3.3.0 (custom)
Create a notification for this product.
Credits
Zian Choy WPScan
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T19:49:14.542Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "exploit",
              "vdb-entry",
              "technical-description",
              "x_transferred"
            ],
            "url": "https://wpscan.com/vulnerability/1cca404e-766a-43ab-b41f-77d6a3b282fb"
          },
          {
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://plugins.trac.wordpress.org/changeset/2613782"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://wordpress.org/plugins",
          "defaultStatus": "unaffected",
          "product": "Simple JWT Login",
          "vendor": "Unknown",
          "versions": [
            {
              "lessThan": "3.3.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Zian Choy"
        },
        {
          "lang": "en",
          "type": "coordinator",
          "value": "WPScan"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Simple JWT Login WordPress plugin before 3.3.0 can be used to create new WordPress user accounts with a randomly generated password. The password is generated using the str_shuffle  PHP function that \"does not generate cryptographically secure values, and should not be used for cryptographic purposes\" according to PHP\u0027s documentation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-330 Use of Insufficiently Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-04T07:43:10.997Z",
        "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "shortName": "WPScan"
      },
      "references": [
        {
          "tags": [
            "exploit",
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://wpscan.com/vulnerability/1cca404e-766a-43ab-b41f-77d6a3b282fb"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://plugins.trac.wordpress.org/changeset/2613782"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Simple JWT Login \u003c 3.3.0 - Insecure Password Creation",
      "x_generator": {
        "engine": "WPScan CVE Generator"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
    "assignerShortName": "WPScan",
    "cveId": "CVE-2021-24998",
    "datePublished": "2021-12-27T10:33:26.000Z",
    "dateReserved": "2021-01-14T00:00:00.000Z",
    "dateUpdated": "2024-08-03T19:49:14.542Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2021-24998",
      "date": "2026-05-30",
      "epss": "0.00207",
      "percentile": "0.43105"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-24998\",\"sourceIdentifier\":\"contact@wpscan.com\",\"published\":\"2021-12-27T11:15:09.517\",\"lastModified\":\"2024-11-21T05:54:09.560\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Simple JWT Login WordPress plugin before 3.3.0 can be used to create new WordPress user accounts with a randomly generated password. The password is generated using the str_shuffle  PHP function that \\\"does not generate cryptographically secure values, and should not be used for cryptographic purposes\\\" according to PHP\u0027s documentation.\"},{\"lang\":\"es\",\"value\":\"El plugin Simple JWT Login de WordPress versiones anteriores a 3.3.0, puede ser usado para crear nuevas cuentas de usuario en WordPress con una contrase\u00f1a generada aleatoriamente. La contrase\u00f1a es generada usando la funci\u00f3n str_shuffle de PHP que \\\"no genera valores criptogr\u00e1ficamente seguros, y no debe ser usado para prop\u00f3sitos criptogr\u00e1ficos\\\" seg\u00fan la documentaci\u00f3n de PHP\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-330\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:simple_jwt_login_project:simple_jwt_login:*:*:*:*:*:wordpress:*:*\",\"versionEndExcluding\":\"3.3.0\",\"matchCriteriaId\":\"481BC5FC-BCF8-40A9-B781-40F470D62019\"}]}]}],\"references\":[{\"url\":\"https://plugins.trac.wordpress.org/changeset/2613782\",\"source\":\"contact@wpscan.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://wpscan.com/vulnerability/1cca404e-766a-43ab-b41f-77d6a3b282fb\",\"source\":\"contact@wpscan.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://plugins.trac.wordpress.org/changeset/2613782\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://wpscan.com/vulnerability/1cca404e-766a-43ab-b41f-77d6a3b282fb\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.