CVE-2024-7863 - Vulnerability Details - OpenCVE

The Favicon Generator (CLOSED) WordPress plugin before 2.1 does not validate files to be uploaded and does not have CSRF checks, which could allow attackers to make logged in admin upload arbitrary files such as PHP on the server

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable no

Technical Impact total

Vendors	Products
Pixeljar	Favicon Generator

Configuration 1 [-]

cpe:2.3:a:pixeljar:favicon_generator:*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://wpscan.com/vulnerability/5e814b02-3870-4742-905d-ec03b0d31add/

History

Fri, 27 Sep 2024 21:45:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-352
CPEs		cpe:2.3:a:pixeljar:favicon_generator::::::wordpress::*

Fri, 13 Sep 2024 15:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Pixeljar Pixeljar favicon Generator
CPEs		cpe:2.3:a:pixeljar:favicon_generator::::::::
Vendors & Products		Pixeljar Pixeljar favicon Generator
Metrics		cvssV3_1 `{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Fri, 13 Sep 2024 06:15:00 +0000

Type	Values Removed	Values Added
Description		The Favicon Generator (CLOSED) WordPress plugin before 2.1 does not validate files to be uploaded and does not have CSRF checks, which could allow attackers to make logged in admin upload arbitrary files such as PHP on the server
Title		Favicon Generator < 2.1 - Arbitrary File Upload via CSRF
References		https://wpscan.com/vulnerability/5e814b02-3870-4742-905d-ec03b0d31add/

MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2024-09-13T06:00:04.133Z

Updated: 2024-09-13T14:27:56.345Z

Reserved: 2024-08-15T18:43:39.788Z

Link: CVE-2024-7863

Vulnrichment

Updated: 2024-09-13T14:23:43.047Z

NVD

Status : Analyzed

Published: 2024-09-13T06:15:15.650

Modified: 2024-09-27T21:27:07.640

Link: CVE-2024-7863

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-7863", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "state": "PUBLISHED", "assignerShortName": "WPScan", "dateReserved": "2024-08-15T18:43:39.788Z", "datePublished": "2024-09-13T06:00:04.133Z", "dateUpdated": "2024-09-13T14:27:56.345Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2024-09-13T06:00:04.133Z"}, "title": "Favicon Generator < 2.1 - Arbitrary File Upload via CSRF", "problemTypes": [{"descriptions": [{"description": "CWE-352 Cross-Site Request Forgery (CSRF)", "lang": "en", "type": "CWE"}]}], "affected": [{"vendor": "Unknown", "product": "Favicon Generator (CLOSED)", "versions": [{"status": "affected", "versionType": "semver", "version": "0", "lessThan": "2.1"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Favicon Generator (CLOSED) WordPress plugin before 2.1 does not validate files to be uploaded and does not have CSRF checks, which could allow attackers to make logged in admin upload arbitrary files such as PHP on the server"}], "references": [{"url": "https://wpscan.com/vulnerability/5e814b02-3870-4742-905d-ec03b0d31add/", "tags": ["exploit", "vdb-entry", "technical-description"]}], "credits": [{"lang": "en", "value": "Daniel Ruf", "type": "finder"}, {"lang": "en", "value": "WPScan", "type": "coordinator"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "WPScan CVE Generator"}}, "adp": [{"affected": [{"vendor": "pixeljar", "product": "favicon_generator", "cpes": ["cpe:2.3:a:pixeljar:favicon_generator:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThan": "2.1", "versionType": "semver"}]}], "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-09-13T14:21:12.320573Z", "id": "CVE-2024-7863", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-13T14:27:56.345Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-7863", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-13T14:21:12.320573Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:pixeljar:favicon_generator:*:*:*:*:*:*:*:*"], "vendor": "pixeljar", "product": "favicon_generator", "versions": [{"status": "affected", "version": "0", "lessThan": "2.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-13T14:23:43.047Z"}}], "cna": {"title": "Favicon Generator < 2.1 - Arbitrary File Upload via CSRF", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Daniel Ruf"}, {"lang": "en", "type": "coordinator", "value": "WPScan"}], "affected": [{"vendor": "Unknown", "product": "Favicon Generator (CLOSED)", "versions": [{"status": "affected", "version": "0", "lessThan": "2.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://wpscan.com/vulnerability/5e814b02-3870-4742-905d-ec03b0d31add/", "tags": ["exploit", "vdb-entry", "technical-description"]}], "x_generator": {"engine": "WPScan CVE Generator"}, "descriptions": [{"lang": "en", "value": "The Favicon Generator (CLOSED) WordPress plugin before 2.1 does not validate files to be uploaded and does not have CSRF checks, which could allow attackers to make logged in admin upload arbitrary files such as PHP on the server"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-352 Cross-Site Request Forgery (CSRF)"}]}], "providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2024-09-13T06:00:04.133Z"}}}, "cveMetadata": {"cveId": "CVE-2024-7863", "state": "PUBLISHED", "dateUpdated": "2024-09-13T14:27:56.345Z", "dateReserved": "2024-08-15T18:43:39.788Z", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "datePublished": "2024-09-13T06:00:04.133Z", "assignerShortName": "WPScan"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pixeljar:favicon_generator:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "AD25634F-DF77-4192-AFC0-70242B138177", "versionEndExcluding": "2.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Favicon Generator (CLOSED) WordPress plugin before 2.1 does not validate files to be uploaded and does not have CSRF checks, which could allow attackers to make logged in admin upload arbitrary files such as PHP on the server"}, {"lang": "es", "value": "El complemento Favicon Generator (CLOSED) de WordPress anterior a la versi\u00f3n 2.1 no valida los archivos que se van a cargar y no tiene comprobaciones CSRF, lo que podr\u00eda permitir a los atacantes hacer que el administrador que haya iniciado sesi\u00f3n cargue archivos arbitrarios, como PHP, en el servidor."}], "id": "CVE-2024-7863", "lastModified": "2024-09-27T21:27:07.640", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 5.8, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-09-13T06:15:15.650", "references": [{"source": "contact@wpscan.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/5e814b02-3870-4742-905d-ec03b0d31add/"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "nvd@nist.gov", "type": "Primary"}]}