Search...

CVE-2019-15871

2019-09-03T13:15:00

ID CVE-2019-15871
Type cve
Reporter cve@mitre.org
Modified 2020-08-24T17:37:00

Description

The LoginPress plugin before 1.1.4 for WordPress has no capability check for updates to settings.

JSON Vulners Source

Initial Source

{"id": "CVE-2019-15871", "bulletinFamily": "NVD", "title": "CVE-2019-15871", "description": "The LoginPress plugin before 1.1.4 for WordPress has no capability check for updates to settings.", "published": "2019-09-03T13:15:00", "modified": "2020-08-24T17:37:00", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-15871", "reporter": "cve@mitre.org", "references": ["https://www.webarxsecurity.com/loginpress-plugin/", "https://wordpress.org/plugins/loginpress/#developers"], "cvelist": ["CVE-2019-15871"], "type": "cve", "lastseen": "2020-12-09T21:41:45", "edition": 7, "viewCount": 26, "enchantments": {"dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562310113514"]}, {"type": "wpvulndb", "idList": ["WPVDB-ID:9348"]}], "modified": "2020-12-09T21:41:45", "rev": 2}, "score": {"value": 3.1, "vector": "NONE", "modified": "2020-12-09T21:41:45", "rev": 2}, "vulnersScore": 3.1}, "cpe": [], "affectedSoftware": [{"cpeName": "wpbrigade:loginpress", "name": "wpbrigade loginpress", "operator": "lt", "version": "1.1.4"}], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 1.4}, "cpe23": [], "cwe": ["CWE-862"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:wpbrigade:loginpress:1.1.4:*:*:*:*:*:*:*", "versionEndExcluding": "1.1.4", "vulnerable": true}], "operator": "OR"}]}}

{"wpvulndb": [{"lastseen": "2020-12-09T21:57:00", "bulletinFamily": "software", "cvelist": ["CVE-2019-15872", "CVE-2019-15871"], "description": "The Custom Login Page Customizer | LoginPress WordPress plugin was affected by an Unauthorized Blind SQL Injection security vulnerability.\n", "modified": "2020-09-22T07:28:10", "published": "2018-11-29T00:00:00", "id": "WPVDB-ID:9348", "href": "https://wpvulndb.com/vulnerabilities/9348", "type": "wpvulndb", "title": "LoginPress <= 1.1.13 - Unauthorized Blind SQL Injection", "sourceData": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2020-02-12T15:36:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-15871", "CVE-2019-15872"], "description": "The WordPress plugin LoginPress is prone to multiple vulnerabilities.", "modified": "2020-02-07T00:00:00", "published": "2019-09-12T00:00:00", "id": "OPENVAS:1361412562310113514", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310113514", "type": "openvas", "title": "WordPress LoginPress Plugin < 1.1.4 Multiple Vulnerabilities", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.113514\");\n script_version(\"2020-02-07T08:57:05+0000\");\n script_tag(name:\"last_modification\", value:\"2020-02-07 08:57:05 +0000 (Fri, 07 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-09-12 11:44:18 +0000 (Thu, 12 Sep 2019)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_cve_id(\"CVE-2019-15871\", \"CVE-2019-15872\");\n\n script_name(\"WordPress LoginPress Plugin < 1.1.4 Multiple Vulnerabilities\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_wordpress_plugin_http_detect.nasl\");\n script_mandatory_keys(\"loginpress/detected\");\n\n script_tag(name:\"summary\", value:\"The WordPress plugin LoginPress is prone to multiple vulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The following vulnerabilities exist:\n\n - There is no capabilities check for updates to settings.\n\n - There is an SQL injection vulnerability via an import of settings.\");\n script_tag(name:\"impact\", value:\"Successful exploitation would allow an attacker to\n read and modify data in the database and maybe even\n execute arbitrary code on the target machine.\");\n script_tag(name:\"affected\", value:\"WordPress LoginPress plugin through version 1.1.3.\");\n script_tag(name:\"solution\", value:\"Update to version 1.1.4 or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.webarxsecurity.com/loginpress-plugin/\");\n script_xref(name:\"URL\", value:\"https://wordpress.org/plugins/loginpress/#developers\");\n\n exit(0);\n}\n\n\nCPE = \"cpe:/a:wpbrigade:loginpress\";\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! port = get_app_port( cpe: CPE ) ) exit( 0 );\nif( ! infos = get_app_version_and_location( cpe: CPE, port: port, exit_no_version: TRUE ) ) exit( 0 );\n\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif( version_is_less( version: version, test_version: \"1.1.4\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"1.1.4\", install_path: location );\n security_message( data: report, port: port );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}