VAR-201908-0318
Vulnerability from variot - Updated: 2024-11-23 22:58The insert-or-embed-articulate-content-into-wordpress plugin before 4.2999 for WordPress has insufficient restrictions on file upload. WordPress for insert-or-embed-articulate-content-into-wordpress The plug-in contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. insert-or-embed-articulate-content-into-wordpress is a plugin used to embed Articulate content into a page.
The WordPress insert-or-embed-articulate-content-into-wordpress plug-in has a security vulnerability in versions prior to 4.999, which originated from the failure to sufficiently restrict file uploads. No detailed vulnerability details are provided at this time
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201908-0318",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "insert or embed articulate content",
"scope": "lt",
"trust": 1.0,
"vendor": "elearningfreak",
"version": "4.2999"
},
{
"model": "insert or embed articulate content into wordpress",
"scope": "lt",
"trust": 0.8,
"vendor": "elearningfreak",
"version": "4.2999"
},
{
"model": "insert-or-embed-articulate-content-into-wordpress",
"scope": "lt",
"trust": 0.6,
"vendor": "wordpress",
"version": "4.2999"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30515"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008575"
},
{
"db": "NVD",
"id": "CVE-2019-15649"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:elearningfreak:insert_or_embed_articulate_content",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008575"
}
]
},
"cve": "CVE-2019-15649",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2019-15649",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2019-30515",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-15649",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-15649",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-15649",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-30515",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201908-2062",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30515"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008575"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-2062"
},
{
"db": "NVD",
"id": "CVE-2019-15649"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The insert-or-embed-articulate-content-into-wordpress plugin before 4.2999 for WordPress has insufficient restrictions on file upload. WordPress for insert-or-embed-articulate-content-into-wordpress The plug-in contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. insert-or-embed-articulate-content-into-wordpress is a plugin used to embed Articulate content into a page. \n\r\n\r\nThe WordPress insert-or-embed-articulate-content-into-wordpress plug-in has a security vulnerability in versions prior to 4.999, which originated from the failure to sufficiently restrict file uploads. No detailed vulnerability details are provided at this time",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-15649"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008575"
},
{
"db": "CNVD",
"id": "CNVD-2019-30515"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-15649",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008575",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2019-30515",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201908-2062",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30515"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008575"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-2062"
},
{
"db": "NVD",
"id": "CVE-2019-15649"
}
]
},
"id": "VAR-201908-0318",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30515"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30515"
}
]
},
"last_update_date": "2024-11-23T22:58:37.191000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Insert or Embed Articulate Content into WordPress",
"trust": 0.8,
"url": "https://wordpress.org/plugins/insert-or-embed-articulate-content-into-wordpress/#developers"
},
{
"title": "Patch for Unknown vulnerability in WordPress insert-or-embed-articulate-content-into-wordpress plugin",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/179055"
},
{
"title": "WordPress insert-or-embed-articulate-content-into-wordpress Fixes for plugin security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97544"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30515"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008575"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-2062"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-434",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008575"
},
{
"db": "NVD",
"id": "CVE-2019-15649"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://wpvulndb.com/vulnerabilities/9415"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15649"
},
{
"trust": 1.6,
"url": "https://wordpress.org/plugins/insert-or-embed-articulate-content-into-wordpress/#developers"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15649"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30515"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008575"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-2062"
},
{
"db": "NVD",
"id": "CVE-2019-15649"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-30515"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008575"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-2062"
},
{
"db": "NVD",
"id": "CVE-2019-15649"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-30515"
},
{
"date": "2019-09-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-008575"
},
{
"date": "2019-08-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-2062"
},
{
"date": "2019-08-27T12:15:13.157000",
"db": "NVD",
"id": "CVE-2019-15649"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-30515"
},
{
"date": "2019-09-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-008575"
},
{
"date": "2019-09-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-2062"
},
{
"date": "2024-11-21T04:29:12.030000",
"db": "NVD",
"id": "CVE-2019-15649"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-2062"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WordPress for insert-or-embed-articulate-content-into-wordpress Vulnerability related to unlimited upload of dangerous types of files in plugins",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008575"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-2062"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…