{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-1203", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "dateUpdated": "2024-08-02T23:55:24.348Z", "dateReserved": "2022-04-01T00:00:00", "datePublished": "2022-05-30T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2023-07-04T08:09:07.959Z"}, "title": "Content Mask < 1.8.4.1 - Subscriber+ Arbitrary Options Update", "problemTypes": [{"descriptions": [{"description": "CWE-862 Missing Authorization", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"description": "CWE-352 Cross-Site Request Forgery (CSRF)", "lang": "en", "type": "CWE"}]}], "affected": [{"vendor": "Unknown", "product": "Content Mask", "versions": [{"status": "affected", "versionType": "custom", "version": "0", "lessThan": "1.8.4.1"}], "defaultStatus": "unaffected", "collectionURL": "https://wordpress.org/plugins"}], "descriptions": [{"lang": "en", "value": "The Content Mask WordPress plugin before 1.8.4.1 does not have authorisation and CSRF checks in various AJAX actions, as well as does not validate the option to be updated to ensure it belongs to the plugin. As a result, any authenticated user, such as subscriber could modify arbitrary blog options"}], "references": [{"url": "https://wpscan.com/vulnerability/3c9969e5-ca8e-4e5d-a482-c6b5c4257820", "tags": ["exploit", "vdb-entry", "technical-description"]}], "credits": [{"lang": "en", "value": "ptsfence", "type": "finder"}, {"lang": "en", "value": "WPScan", "type": "coordinator"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "WPScan CVE Generator"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:55:24.348Z"}, "title": "CVE Program Container", "references": [{"url": "https://wpscan.com/vulnerability/3c9969e5-ca8e-4e5d-a482-c6b5c4257820", "tags": ["exploit", "vdb-entry", "technical-description", "x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:content_mask_project:content_mask:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "4392A69B-E521-4166-8123-53319E8D6DAF", "versionEndExcluding": "1.8.4.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Content Mask WordPress plugin before 1.8.4.1 does not have authorisation and CSRF checks in various AJAX actions, as well as does not validate the option to be updated to ensure it belongs to the plugin. As a result, any authenticated user, such as subscriber could modify arbitrary blog options"}, {"lang": "es", "value": "El plugin Content Mask de WordPress versiones anteriores a 1.8.4.1, no dispone de comprobaciones de autorizaci\u00f3n y de tipo CSRF en varias acciones AJAX, as\u00ed como no comprueba la opci\u00f3n de actualizaci\u00f3n para asegurar que pertenece al plugin. Como resultado, cualquier usuario autenticado, como el suscriptor podr\u00eda modificar opciones arbitrarias del blog"}], "id": "CVE-2022-1203", "lastModified": "2024-11-21T06:40:14.840", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-05-30T09:15:09.050", "references": [{"source": "contact@wpscan.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/3c9969e5-ca8e-4e5d-a482-c6b5c4257820"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/3c9969e5-ca8e-4e5d-a482-c6b5c4257820"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}, {"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}