CVE-2015-2792
WPML < 3.1.8 - Authorization Bypass
Severity Score
5.4
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
3
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The WPML plugin before 3.1.9 for WordPress does not properly handle multiple actions in a request, which allows remote attackers to bypass nonce checks and perform arbitrary actions via a request containing an action POST parameter, an action GET parameter, and a valid nonce for the action GET parameter.
El plugin WPML anterior a 3.1.9 para WordPress no maneja correctamente las acciones múltiples en una solicitud, lo que permite a atacantes remotos evadir las comprobaciones nonce y realizar acciones arbitrarias a través de una solicitud que contiene un parámetro action POST, un parámetro action GET y un nonce válido para el parámetro action GET.
*Credits:
Jouko Pynnöne
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2015-03-02 CVE Published
- 2015-03-30 CVE Reserved
- 2024-09-17 CVE Updated
- 2024-09-17 First Exploit
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-284: Improper Access Control
CAPEC
References (4)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| http://klikki.fi/adv/wpml.html | 2024-09-17 | |
| http://packetstormsecurity.com/files/130839/WordPress-WPML-Missing-Authentication.html | 2024-09-17 | |
| http://seclists.org/fulldisclosure/2015/Mar/79 | 2024-09-17 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://wpml.org/2015/03/wpml-security-update-bug-and-fix | 2015-03-31 |