| Title | Published | Views | Reporter |
|---|---|---|---|
| Wordpress WP Marketplace 2.4.0 Arbitrary File Download Vulnerability | 21 Mar 2015 00:00 | – | zdt |
| WordPress WP Marketplace Catalog Traversal Vulnerability | 12 Nov 2019 00:00 | – | cnvd |
| CVE-2014-9014 | 6 Nov 2019 20:34 | – | cvelist |
| WordPress Plugin Marketplace 2.4.0 - Arbitrary File Download | 22 Mar 2015 00:00 | – | exploitdb |
| EUVD-2014-8842 | 7 Oct 2025 00:30 | – | euvd |
| WordPress Plugin Marketplace 2.4.0 - Arbitrary File Download | 22 Mar 2015 00:00 | – | exploitpack |
| CVE-2014-9014 | 6 Nov 2019 21:15 | – | nvd |
| WordPress Marketplace 2.4.0 Arbitrary File Download | 25 Mar 2015 00:00 | – | packetstorm |
| Directory traversal | 6 Nov 2019 21:15 | – | prion |
| WP Marketplace <= 2.4.0 - Arbitrary File Download | 21 Mar 2015 00:00 | – | wpvulndb |

| Source | Link |
|---|---|
| security | www.security.szurek.pl/wp-marketplace-240-arbitrary-file-download.html |
| exploit-db | www.exploit-db.com/exploits/36466/ |

| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| checkout_register | query param | /?checkout_register=register | Authentication/registration flow endpoint exposed via checkout_register parameter used in PoC to gain access. | CWE-22 |
| action | request body | / | AJAX plugin functionality exposed at root with action=wpmp_pp_ajax_call and execute=wpmp_save_settings to change user role. | CWE-22 |
| execute | request body | / | AJAX plugin functionality exposed at root with action=wpmp_pp_ajax_call and execute=wpmp_save_settings to change user role. | CWE-22 |
| _wpmp_settings[user_role][] | request body | / | AJAX plugin functionality exposed at root with action=wpmp_pp_ajax_call and execute=wpmp_save_settings to change user role. | CWE-22 |
| action | request body | / | AJAX call to execute wpmp_front_add_product to obtain nonce and proceed with file download steps. | CWE-22 |
| execute | request body | / | AJAX call to execute wpmp_front_add_product to obtain nonce and proceed with file download steps. | CWE-22 |
| __product_wpmp | request body | / | Parameters used to specify the file to download (arbitrary file path) via the WP Marketplace AJAX flow. | CWE-22 |
| wpmp_list[file][] | request body | / | Parameters used to specify the file to download (arbitrary file path) via the WP Marketplace AJAX flow. | CWE-22 |