CVE-2021-4381
uListing <= 1.6.6 - Unauthenticated Options Changes via wp_route
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The uListing plugin for WordPress is vulnerable to authorization bypass via wp_route due to missing capability checks, and a missing security nonce, in the StmListingSingleLayout::import_new_layout method in versions up to, and including, 1.6.6. This makes it possible for unauthenticated attackers to change any WordPress option in the database.
El plugin uListing para WordPress es vulnerable a la omisión de autorización a través de "wp_route" debido a la falta de comprobaciones de capacidad, y la falta de un nonce de seguridad, en el método "StmListingSingleLayout::import_new_layout" en versiones hasta la v1.6.6 inclusive. Esto hace posible que atacantes no autenticados cambien cualquier opción de WordPress en la base de datos.
*Credits:
Jerome Bruandet
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-01-28 CVE Published
- 2023-06-06 CVE Reserved
- 2024-07-09 EPSS Updated
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-862: Missing Authorization
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| https://www.wordfence.com/threat-intel/vulnerabilities/id/ff5755dc-2262-47f6-ac3a-6bca9529d088?source=cve | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://blog.nintechnet.com/wordpress-ulisting-plugin-fixed-multiple-critical-vulnerabilities | 2024-08-03 |
| URL | Date | SRC |
|---|---|---|
| https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2456786%40ulisting&new=2456786%40ulisting&sfp_email=&sfph_mail= | 2023-11-07 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Stylemixthemes Search vendor "Stylemixthemes" | Ulisting Search vendor "Stylemixthemes" for product "Ulisting" | < 1.7 Search vendor "Stylemixthemes" for product "Ulisting" and version " < 1.7" | wordpress |
Affected
| ||||||