CVE-2022-1572

{"id": "CVE-2022-1572", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 5.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 2.8}]}, "published": "2022-06-27T09:15:09.120", "references": [{"url": "https://wpscan.com/vulnerability/9afd1805-d449-4551-986a-f92cb47c95c5", "tags": ["Exploit", "Third Party Advisory"], "source": "[email protected]"}, {"url": "https://wpscan.com/vulnerability/9afd1805-d449-4551-986a-f92cb47c95c5", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-352"}, {"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "The HTML2WP WordPress plugin through 1.0.0 does not have authorisation and CSRF checks in an AJAX action, available to any authenticated users such as subscriber, which could allow them to delete arbitrary file"}, {"lang": "es", "value": "El plugin HTML2WP de WordPress versiones hasta 1.0.0, no dispone de comprobaciones de autorizaci\u00f3n y de tipo CSRF en una acci\u00f3n AJAX, disponible para cualquier usuario autenticado, como el suscriptor, lo que podr\u00eda permitirles eliminar un archivo arbitrario"}], "lastModified": "2024-11-21T06:40:59.643", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:html2wp_project:html2wp:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "A56A1BC3-602F-4773-96D7-28D6B8A9B0B3", "versionEndIncluding": "1.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}