| Title | Published | Views | Family |
|---|---|---|---|
| CVE-2020-36719 | 24 Sep 2025 13:50 | – | circl |
| WordPress Theme ListingPro - WordPress Directory & Listing security vulnerability | 7 Jun 2023 00:00 | – | cnnvd |
| CVE-2020-36719 | 7 Jun 2023 01:51 | – | cve |
| CVE-2020-36719 ListingPro - WordPress Directory & Listing Theme < 2.6.1 - Arbitrary Plugin Installation, Activation and Deactivation | 7 Jun 2023 01:51 | – | cvelist |
| EUVD-2020-24161 | 7 Jun 2023 01:51 | – | euvd |
| CVE-2020-36719 | 7 Jun 2023 02:15 | – | nvd |
| CVE-2020-36719 | 7 Jun 2023 02:15 | – | osv |
| Design/Logic Flaw | 7 Jun 2023 02:15 | – | prion |
| PT-2023-11861 | 7 Jun 2023 00:00 | – | ptsecurity |
| CVE-2020-36719 | 5 Feb 2025 15:09 | – | redhatcve |
```yaml
id: CVE-2020-36719

info:
  name: ListingPro < 2.6.1 - Arbitrary Plugin Installation/Activation/Deactivation
  author: ritikchaddha
  severity: critical
  description: |
    The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary Plugin Installation, Activation and Deactivation in versions before 2.6.1. This is due to a missing capability check on the lp_cc_addons_actions function. This makes it possible for unauthenticated attackers to arbitrarily install, activate and deactivate any plugin.
  impact: |
    Unauthenticated attackers can arbitrarily install, activate or deactivate plugins, potentially installing malicious plugins to gain complete site control.
  remediation: |
    Upgrade to ListingPro version 2.6.1 or later.
  reference:
    - https://blog.nintechnet.com/wordpress-listingpro-theme-fixed-a-critical-vulnerability/
    - https://nvd.nist.gov/vuln/detail/CVE-2020-36719
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2020-36719
    epss-score: 0.04304
    epss-percentile: 0.8994
    cwe-id: CWE-862
    cpe: cpe:2.3:a:cridio:listingpro:*:*:*:*:*:wordpress:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: cridio
    product: listingpro
    fofa-query: body="/wp-content/plugins/listingpro"
  tags: cve,cve2020,wp,wp-plugin,wordpress,listingpro,passive,vkev,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-content/themes/listingpro/style.css"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "ListingPro"
          - "Version:"
        condition: and

      - type: dsl
        dsl:
          - compare_versions(detected_version, '< 2.6.1')
          - status_code == 200
        condition: and

    extractors:
      - type: regex
        part: body
        name: detected_version
        group: 1
        regex:
          - '(?i)Version:\s?([\w.]+)'
# digest: 4b0a00483046022100917bdefa228d7b473cddffad20799b26f7b059abbdca6cfda834ea5b523d511f022100c41f8b763ee29882bbff53ba9e0f62d8f971db21fa1d990c94db8953453e1ba1:922c64590222798bb761d5b6d8e72950
```
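The missing capability check that the template's description attributes to lp_cc_addons_actions, shown as an added before/after WordPress AJAX handler written for this page (not ListingPro's own code; the hook, action and nonce names are hypothetical):

```php
<?php
// Added example for this page, not ListingPro's own code. Hook, action and nonce
// names are hypothetical; only the bug class (CWE-862) matches the CVE above.
require_once ABSPATH . 'wp-admin/includes/plugin.php';

// VULNERABLE pattern: reachable by anonymous callers (wp_ajax_nopriv_) and performs
// a privileged plugin action with no nonce and no capability check.
function example_addons_actions_unsafe() {
    $plugin = sanitize_text_field( wp_unslash( $_POST['plugin'] ?? '' ) );
    $action = sanitize_text_field( wp_unslash( $_POST['do'] ?? '' ) );
    if ( 'activate' === $action ) {
        activate_plugin( $plugin );          // any visitor can trigger this
    } elseif ( 'deactivate' === $action ) {
        deactivate_plugins( $plugin );
    }
    wp_send_json_success();
}
add_action( 'wp_ajax_example_addons_unsafe', 'example_addons_actions_unsafe' );
add_action( 'wp_ajax_nopriv_example_addons_unsafe', 'example_addons_actions_unsafe' );

// HARDENED: logged-in callers only, CSRF nonce, and a capability check matched to
// the operation (an install branch would additionally require 'install_plugins').
function example_addons_actions_safe() {
    check_ajax_referer( 'example_addons_nonce', 'nonce' ); // dies on bad/missing nonce

    $plugin = sanitize_text_field( wp_unslash( $_POST['plugin'] ?? '' ) );
    $action = sanitize_text_field( wp_unslash( $_POST['do'] ?? '' ) );

    // Authorization: the same core capability WordPress requires in its own UI.
    if ( ! in_array( $action, [ 'activate', 'deactivate' ], true )
        || ! current_user_can( 'activate_plugins' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    // Accept only the slug of an installed plugin, never an arbitrary path.
    if ( ! array_key_exists( $plugin, get_plugins() ) ) {
        wp_send_json_error( 'unknown plugin', 400 );
    }
    if ( 'activate' === $action ) {
        $result = activate_plugin( $plugin );
        if ( is_wp_error( $result ) ) {
            wp_send_json_error( $result->get_error_message(), 500 );
        }
    } else {
        deactivate_plugins( $plugin );
    }
    wp_send_json_success();
}
// Registered ONLY for authenticated users: no wp_ajax_nopriv_ hook.
add_action( 'wp_ajax_example_addons_safe', 'example_addons_actions_safe' );
```

The hardened handler is the shape the template's remediation implies: a nonce alone does not authorize, and authentication alone does not either; the capability check is what closes the CWE-862 gap.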