Description
Unvalidated input and lack of output encoding in the ThirstyAffiliates Affiliate Link Manager WordPress plugin, versions before 3.9.3, was vulnerable to authenticated Stored Cross-Site Scripting (XSS), which could lead to privilege escalation.
Affected Software
Related
{"id": "CVE-2021-24127", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2021-24127", "description": "Unvalidated input and lack of output encoding in the ThirstyAffiliates Affiliate Link Manager WordPress plugin, versions before 3.9.3, was vulnerable to authenticated Stored Cross-Site Scripting (XSS), which could lead to privilege escalation.", "published": "2021-03-18T15:15:00", "modified": "2021-03-25T01:00:00", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:N"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "SINGLE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE", "baseScore": 3.5}, "severity": "LOW", "exploitabilityScore": 6.8, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM"}, "exploitabilityScore": 2.3, "impactScore": 2.7}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24127", "reporter": "contact@wpscan.com", "references": ["https://wpscan.com/vulnerability/1fbd9f7a-6f99-45a2-9d57-01631a1f35d6"], "cvelist": ["CVE-2021-24127"], "immutableFields": [], "lastseen": "2022-03-23T14:47:18", "viewCount": 13, "enchantments": {"dependencies": {"references": [{"type": "wpexploit", "idList": ["WPEX-ID:1FBD9F7A-6F99-45A2-9D57-01631A1F35D6"]}, {"type": "wpvulndb", "idList": ["WPVDB-ID:1FBD9F7A-6F99-45A2-9D57-01631A1F35D6"]}], "rev": 4}, "score": {"value": 4.1, "vector": "NONE"}, "twitter": {"counter": 2, "modified": "2021-03-19T14:40:25", "tweets": [{"link": "https://twitter.com/threatintelctr/status/1374896417525882880", "text": " NEW: CVE-2021-24127 Unvalidated input and lack of output encoding in the ThirstyAffiliates Affiliate Link Manager WordPress plugin, versions before 3.9.3, was vulnerable to authenticated Stored Cross-Site Scrip... (click for more) Severity: MEDIUM https://t.co/L0foJpm4Z6?amp=1"}, {"link": "https://twitter.com/threatintelctr/status/1374896417525882880", "text": " NEW: CVE-2021-24127 Unvalidated input and lack of output encoding in the ThirstyAffiliates Affiliate Link Manager WordPress plugin, versions before 3.9.3, was vulnerable to authenticated Stored Cross-Site Scrip... (click for more) Severity: MEDIUM https://t.co/L0foJpm4Z6?amp=1"}]}, "backreferences": {"references": [{"type": "wpexploit", "idList": ["WPEX-ID:1FBD9F7A-6F99-45A2-9D57-01631A1F35D6"]}, {"type": "wpvulndb", "idList": ["WPVDB-ID:1FBD9F7A-6F99-45A2-9D57-01631A1F35D6"]}]}, "exploitation": null, "vulnersScore": 4.1}, "_state": {"dependencies": 0}, "_internal": {}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": [], "cpe23": [], "cwe": ["CWE-79"], "affectedSoftware": [{"cpeName": "caseproof:thirstyaffiliates_affiliate_link_manager", "version": "3.9.3", "operator": "lt", "name": "caseproof thirstyaffiliates affiliate link manager"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:caseproof:thirstyaffiliates_affiliate_link_manager:3.9.3:*:*:*:*:wordpress:*:*", "versionEndExcluding": "3.9.3", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://wpscan.com/vulnerability/1fbd9f7a-6f99-45a2-9d57-01631a1f35d6", "name": "N/A", "refsource": "CONFIRM", "tags": ["Exploit", "Third Party Advisory"]}]}
{"patchstack": [{"lastseen": "2022-06-01T19:35:01", "description": "Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered by minhtuanact in WordPress ThirstyAffiliates plugin (versions <= 3.9.2).\n\n## Solution\n\n\r\n Update the WordPress ThirstyAffiliates plugin to the latest available version (at least 3.9.3).\r\n ", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-05-22T00:00:00", "type": "patchstack", "title": "WordPress ThirstyAffiliates plugin <= 3.9.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-24127"], "modified": "2020-05-22T00:00:00", "id": "PATCHSTACK:E93C8E2591426EC644FFE0E7344B849C", "href": "https://patchstack.com/database/vulnerability/thirstyaffiliates/wordpress-thirstyaffiliates-plugin-3-9-2-authenticated-stored-cross-site-scripting-xss-vulnerability", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:N"}}], "wpvulndb": [{"lastseen": "2021-02-15T22:21:37", "bulletinFamily": "software", "cvelist": ["CVE-2021-24127"], "description": "The ThirstyAffiliates Affiliate Link Manager WordPress plugin was vulnerable to authenticated stored Cross-Site Scripting (XSS). An authenticated attacker, such as an author, could attach an image with malicious JavaScript as its title, which would be executed once viewed by an administrator user.\n\n### PoC\n\nhttps://drive.google.com/file/d/1tFhSPnnzRSVLx-T0TwtHGbUTK63ib6xq/view\n", "modified": "2021-01-21T06:00:50", "published": "2020-05-22T00:00:00", "id": "WPVDB-ID:1FBD9F7A-6F99-45A2-9D57-01631A1F35D6", "href": "https://wpscan.com/vulnerability/1fbd9f7a-6f99-45a2-9d57-01631a1f35d6", "type": "wpvulndb", "title": "ThirstyAffiliates < 3.9.3 - Authenticated Stored XSS", "sourceData": "", "cvss": {"score": 0.0, "vector": "NONE"}}], "wpexploit": [{"lastseen": "2021-02-15T22:21:37", "bulletinFamily": "exploit", "cvelist": ["CVE-2021-24127"], "description": "The ThirstyAffiliates Affiliate Link Manager WordPress plugin was vulnerable to authenticated stored Cross-Site Scripting (XSS). An authenticated attacker, such as an author, could attach an image with malicious JavaScript as its title, which would be executed once viewed by an administrator user.\n", "modified": "2021-01-21T06:00:50", "published": "2020-05-22T00:00:00", "id": "WPEX-ID:1FBD9F7A-6F99-45A2-9D57-01631A1F35D6", "href": "", "type": "wpexploit", "title": "ThirstyAffiliates < 3.9.3 - Authenticated Stored XSS", "sourceData": "https://drive.google.com/file/d/1tFhSPnnzRSVLx-T0TwtHGbUTK63ib6xq/view", "cvss": {"score": 0.0, "vector": "NONE"}}]}
CVE-2021-24127
