WordPress Plugin 'GDPR Cookie Consent' < 1.8.3 Multiple Vulnerabilities (CVE-2020-20633)

2023-02-1700:00:00

www.tenable.com

wordpress

plugin

gdpr cookie consent

vulnerabilities

cve-2020-20633

stored xss

privilege escalation

update

0.001 Low

EPSS

Percentile

24.8%

JSON

The WordPress application running on the remote host has a version of the ‘GDPR Cookie Consent’ plugin that is prior to 1.8.3. It is, therefore, affected by authenticated stored XSS and privilege escalation.

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(171606);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/09/04");

  script_cve_id("CVE-2020-20633");

  script_name(english:"WordPress Plugin 'GDPR Cookie Consent' < 1.8.3 Multiple Vulnerabilities (CVE-2020-20633)");

  script_set_attribute(attribute:"synopsis", value:
"The remote WordPress application has a plugin installed that has multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The WordPress application running on the remote host has a version of the 'GDPR Cookie Consent' plugin that is
prior to 1.8.3. It is, therefore, affected by authenticated stored XSS and privilege escalation.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  # https://blog.nintechnet.com/wordpress-gdpr-cookie-consent-plugin-fixed-vulnerability/
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?16e0087f");
  script_set_attribute(attribute:"solution", value:
"Update the 'GDPR Cookie Consent' plugin to version 1.8.3 or later through the administrative dashboard.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-20633");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/12");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/02/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/02/17");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:cookielawinfo:gdpr_cookie_consent");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CGI abuses");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("wordpress_plugin_detect.nbin");
  script_require_keys("installed_sw/WordPress", "www/PHP");
  script_require_ports("Services/www", 80);

  exit(0);
}

include('vcf.inc');
include('vcf_extras.inc');

var app_info = vcf::wordpress::plugin::get_app_info(plugin:'cookie-law-info');

var constraints = [
  { 'fixed_version': '1.8.3'}
];

vcf::check_version_and_report(
  app_info:app_info,
  constraints:constraints,
  severity:SECURITY_NOTE,
  flags:{'xss': TRUE}
);

VendorProductVersionCPE
cookielawinfogdpr_cookie_consentcpe:/a:cookielawinfo:gdpr_cookie_consent

Vendor	Product	Version	CPE
cookielawinfo	gdpr_cookie_consent		cpe:/a:cookielawinfo:gdpr_cookie_consent

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20633

www.nessus.org/u?16e0087f

0.001 Low

EPSS

Percentile

24.8%

JSON

Related for WORDPRESS_PLUGIN_GDPR_COOKIE_CONSENT_1_8_3.NASL