| Title | Published | Views | Family |
|---|---|---|---|
| CVE-2019-6703 | 29 Jan 2019 16:52 | – | circl |
| CVE-2019-6703 | 27 Jan 2019 02:00 | – | cve |
| CVE-2019-6703 | 27 Jan 2019 02:00 | – | cvelist |
| EUVD-2019-16261 | 7 Oct 2025 00:30 | – | euvd |
| CVE-2019-6703 | 27 Jan 2019 02:29 | – | nvd |
| Improper access control | 27 Jan 2019 02:29 | – | prion |
| Wordpress Users Urged to Delete Zero-Day-Ridden Plugin | 28 Jan 2019 14:39 | – | threatpost |
| VulnCheck KEV: CVE-2019-6703 | 22 Aug 2020 00:00 | – | vulncheck_kev |
| Total Donations Plugin for WordPress < 2.0.6 Arbitrary Options Update | 7 Feb 2023 00:00 | – | nessus |
| Total Donations - Update Arbitrary WordPress Option Values | 25 Jan 2019 00:00 | – | wpvulndb |
```yaml
id: CVE-2019-6703

info:
  name: Total Donations Plugin for WordPress < 2.0.6 - Arbitrary Options Update
  author: DhiyaneshDK
  severity: critical
  description: |
    Incorrect access control in migla_ajax_functions.php in the Calmar Webmedia Total Donations plugin through 2.0.5 for WordPress allows unauthenticated attackers to update arbitrary WordPress option values, leading to site takeover. An unauthenticated request to wp-admin/admin-ajax.php that calls the miglaA_update_me action can change arbitrary options on an affected site, for example enabling new user registration and setting the default role for new users to Administrator.
  impact: |
    Attackers can modify site options, enable new user registration with Administrator as the default role, and so take over the site.
  remediation: Update to Total Donations 2.0.6 or later; if no fixed release is available for your installation, remove the plugin.
  reference:
    - https://wpscan.com/vulnerability/6e6342b0-82ca-4f5f-8b59-92ec3bdf1d02/
    - https://nvd.nist.gov/vuln/detail/CVE-2019-6703
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2019-6703
    epss-score: 0.26076
    epss-percentile: 0.97734
    cpe: cpe:2.3:a:calmar-webmedia:total_donations:*:*:*:*:*:wordpress:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: calmar-webmedia
    product: total_donations
    framework: wordpress
    fofa-query: body="/wp-content/plugins/total-donations/"
  tags: cve,cve2019,wpscan,wordpress,wp,wp-plugin,total-donations,passive,vkev,vuln

http:
  - raw:
      - |
        GET /wp-content/plugins/total-donations/readme.txt HTTP/1.1
        Host: {{Hostname}}

    # Passive check only: the template never calls the vulnerable AJAX action.
    # It fingerprints the installed plugin version from the public readme.txt.
    matchers:
      - type: dsl
        dsl:
          - 'compare_versions(version, "< 2.0.6")'
          - 'contains(body, "Total Donations")'
          - 'status_code == 200'
        condition: and

    extractors:
      - type: regex
        name: version
        part: body
        group: 1
        regex:
          - "(?mi)Stable tag: ([0-9.]+)"
        internal: true
# digest: 4a0a00473045022013988c8cea92bb07ae65277a6f70394c377a73c5d755d7941b3e1f2d2b1518a5022100902cad0541a6a80bee14859c30340631935941d39fce118fc0dc01575b207a73:922c64590222798bb761d5b6d8e72950
```
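The template above is a passive version fingerprint: it fetches the plugin's public readme.txt, pulls the `Stable tag` line with a regex, and matches when the tag is below 2.0.6. The Python below re-implements that matcher so the logic can be read and tested offline. It is an added example for this page, not code from the nuclei template or from the plugin; the readme body it runs on is constructed, and `FIXED_VERSION` is taken from the template's `< 2.0.6` threshold.

```python
"""Offline re-implementation of the template's passive version check (added example)."""
import re
from typing import Dict, Optional, Tuple

FIXED_VERSION = "2.0.6"  # first version the template treats as fixed
# Same pattern the template's extractor uses; inline flags must lead the pattern in Python.
STABLE_TAG_RE = re.compile(r"(?mi)Stable tag: ([0-9.]+)")


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn "2.0.5" into (2, 0, 5); tuples compare element-wise, like compare_versions().

    The extractor's [0-9.]+ can swallow a trailing dot ("2.0.5."), so empty parts are dropped.
    """
    return tuple(int(part) for part in text.split(".") if part)


def extract_stable_tag(body: str) -> Optional[str]:
    """Return the readme's Stable tag, or None if the line is absent."""
    match = STABLE_TAG_RE.search(body)
    return match.group(1) if match else None


def is_vulnerable(status_code: int, body: str) -> Optional[bool]:
    """Mirror the template's DSL matcher: status 200, plugin name in body, version < 2.0.6.

    Returns None when the readme carries no Stable tag: the template would simply not
    fire, but for a human that is "unknown", not "safe".
    """
    if status_code != 200 or "Total Donations" not in body:
        return False
    tag = extract_stable_tag(body)
    if tag is None:
        return None
    return parse_version(tag) < parse_version(FIXED_VERSION)


def check_readme(status_code: int, body: str) -> Dict[str, object]:
    """Bundle the extracted version and the verdict, the way a scanner result would."""
    return {
        "stable_tag": extract_stable_tag(body),
        "vulnerable": is_vulnerable(status_code, body),
    }


# Constructed sample readme.txt body; not fetched from any real site.
SAMPLE_README = """=== Total Donations ===
Contributors: calmar
Requires at least: 4.0
Tested up to: 5.0
Stable tag: 2.0.5

A donations plugin for WordPress.
"""

if __name__ == "__main__":
    print(check_readme(200, SAMPLE_README))
    print(check_readme(200, SAMPLE_README.replace("2.0.5", "2.0.6")))
```

Treat a hit as a lead, not proof: `Stable tag` is whatever the developer typed into readme.txt, so it can lag or lead the code actually deployed, and a site that blocks readme.txt gives no verdict at all. Confirming exposure means checking the installed plugin version on the host, not sending the `miglaA_update_me` action to a site you do not own.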
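The description names the only request detail a defender needs for retrospective hunting: an unauthenticated call to wp-admin/admin-ajax.php carrying the `miglaA_update_me` action. The following is an added hunting example, not code from the page or from the plugin, that parses combined-format web server access logs and flags requests naming that action. The log lines are constructed samples with documentation addresses, and the log format regex is an assumption about an Apache/nginx "combined" log.

```python
"""Flag admin-ajax.php requests that name the miglaA_update_me action (added example)."""
import re
from typing import Dict, List, Optional
from urllib.parse import parse_qs, urlsplit

SUSPECT_ACTION = "miglaA_update_me"  # AJAX action named in the advisory text
AJAX_PATH_SUFFIX = "/wp-admin/admin-ajax.php"

# Assumed "combined" log layout: client, ident, user, [time], "METHOD target proto", status, size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)


def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Split one access-log line into fields, or return None for lines that do not fit."""
    match = LOG_RE.match(line)
    return match.groupdict() if match else None


def names_suspect_action(target: str) -> bool:
    """True when the request target is admin-ajax.php with action=miglaA_update_me in the query."""
    parts = urlsplit(target)
    if not parts.path.endswith(AJAX_PATH_SUFFIX):
        return False
    actions = parse_qs(parts.query).get("action", [])
    return SUSPECT_ACTION in actions


def find_update_me_requests(lines: List[str]) -> List[Dict[str, str]]:
    """Return the parsed records of every request that names the suspect action.

    Only the query string is visible in access logs. A POST that carries the action in
    its body will not be caught here; such requests need request-body logging or a WAF.
    """
    hits = []
    for line in lines:
        record = parse_line(line)
        if record is not None and names_suspect_action(record["target"]):
            hits.append(record)
    return hits


# Constructed sample log lines (RFC 5737 addresses); not captured from any real server.
SAMPLE_LOG = """
203.0.113.7 - - [28/Jan/2019:10:02:41 +0000] "GET /wp-admin/admin-ajax.php?action=miglaA_update_me HTTP/1.1" 200 12 "-" "curl/7.64.0"
203.0.113.7 - - [28/Jan/2019:10:02:45 +0000] "POST /wp-admin/admin-ajax.php?action=miglaA_update_me HTTP/1.1" 200 12 "-" "curl/7.64.0"
198.51.100.3 - - [28/Jan/2019:10:03:00 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 7 "https://example.org/wp-admin/" "Mozilla/5.0"
198.51.100.3 - - [28/Jan/2019:10:03:05 +0000] "GET /wp-content/plugins/total-donations/readme.txt HTTP/1.1" 200 1810 "-" "Mozilla/5.0"
""".strip().splitlines()

if __name__ == "__main__":
    for hit in find_update_me_requests(SAMPLE_LOG):
        print(hit["time"], hit["ip"], hit["method"], hit["target"])
```

A hit is a starting point for incident response, not the end of it. Since the impact is a changed option set, follow any hit by checking the current values of `users_can_register` and `default_role` in the site's options, and by listing administrator accounts created after the first matching request.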