All the vulnerabilites related to 2j-slideshow - Slideshow, Image Slider by 2J
cve-2023-4604
Vulnerability from cvelistv5
Published
2024-08-17 07:34
Modified
2024-08-19 13:47
Severity ?
EPSS score ?
Summary
The Slideshow, Image Slider by 2J plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘post’ parameter in versions up to, and including, 1.3.54 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | 2j-slideshow | Slideshow, Image Slider by 2J |
Version: * ≤ 1.3.54 |
|
|
|||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4604",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-19T13:46:56.391339Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-19T13:47:07.515Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Slideshow, Image Slider by 2J",
"vendor": "2j-slideshow",
"versions": [
{
"lessThanOrEqual": "1.3.54",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "zulu caPWN"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Slideshow, Image Slider by 2J plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018post\u2019 parameter in versions up to, and including, 1.3.54 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-17T07:34:25.254Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d3a9a1f1-566f-478e-a0b7-857c12f21ff7?source=cve"
},
{
"url": "https://wordpress.org/plugins/2j-slideshow/#developers"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-08-16T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "Slideshow, Image Slider by 2J \u003c= 1.3.54 - Reflected Cross-Site Scripting via \u0027post\u0027"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2023-4604",
"datePublished": "2024-08-17T07:34:25.254Z",
"dateReserved": "2023-08-29T15:45:12.039Z",
"dateUpdated": "2024-08-19T13:47:07.515Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-36729
Vulnerability from cvelistv5
Published
2023-06-07 01:51
Modified
2024-12-20 23:49
Severity ?
EPSS score ?
Summary
The 2J-SlideShow Plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the 'twoj_slideshow_setup' function called via the wp_ajax_twoj_slideshow_setup AJAX action in versions up to, and including, 1.3.31. This makes it possible for authenticated attackers (Subscriber, or above level access) to allow attackers to perform otherwise restricted actions and subsequently deactivate any plugins on the blog.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | 2j-slideshow | Slideshow, Image Slider by 2J |
Version: * ≤ 1.3.31 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:37:07.117Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f06d1b9e-e27d-4c43-a69b-7641518e4615?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.nintechnet.com/wordpress-2j-slideshow-plugin-fixed-authenticated-arbitrary-plugin-deactivation-vulnerability/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-images-slideshow-by-2j-image-slider-security-bypass-1-3-31/"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=2226528%402j-slideshow\u0026new=2226528%402j-slideshow\u0026sfp_email=\u0026sfph_mail="
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-36729",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-20T23:26:41.988801Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-20T23:49:25.746Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Slideshow, Image Slider by 2J",
"vendor": "2j-slideshow",
"versions": [
{
"lessThanOrEqual": "1.3.31",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jerome Bruandet"
}
],
"descriptions": [
{
"lang": "en",
"value": "The 2J-SlideShow Plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the \u0027twoj_slideshow_setup\u0027 function called via the wp_ajax_twoj_slideshow_setup AJAX action in versions up to, and including, 1.3.31. This makes it possible for authenticated attackers (Subscriber, or above level access) to allow attackers to perform otherwise restricted actions and subsequently deactivate any plugins on the blog."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-285 Improper Authorization",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-07T01:51:51.258Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f06d1b9e-e27d-4c43-a69b-7641518e4615?source=cve"
},
{
"url": "https://blog.nintechnet.com/wordpress-2j-slideshow-plugin-fixed-authenticated-arbitrary-plugin-deactivation-vulnerability/"
},
{
"url": "https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-images-slideshow-by-2j-image-slider-security-bypass-1-3-31/"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=2226528%402j-slideshow\u0026new=2226528%402j-slideshow\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2020-01-20T00:00:00.000+00:00",
"value": "Disclosed"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2020-36729",
"datePublished": "2023-06-07T01:51:51.258Z",
"dateReserved": "2023-06-06T13:38:28.868Z",
"dateUpdated": "2024-12-20T23:49:25.746Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}