Search criteria
6 vulnerabilities found for hubspot by hubspot
FKIE_CVE-2024-5879
Vulnerability from fkie_nvd - Published: 2024-08-30 05:15 - Updated: 2024-09-03 14:59
Severity ?
6.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
The HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url' attribute of the HubSpot Meeting Widget in all versions up to, and including, 11.1.22 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hubspot:hubspot:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "7DB5CDE0-DFF0-4B7C-8D50-E0F487B479BC",
"versionEndExcluding": "11.1.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The HubSpot \u2013 CRM, Email Marketing, Live Chat, Forms \u0026 Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u0027url\u0027 attribute of the HubSpot Meeting Widget in all versions up to, and including, 11.1.22 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento HubSpot \u2013 CRM, Email Marketing, Live Chat, Forms \u0026amp; Analytics para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del atributo \u0027url\u0027 del widget de reuniones de HubSpot en todas las versiones hasta la 11.1.22 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"id": "CVE-2024-5879",
"lastModified": "2024-09-03T14:59:58.410",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7,
"source": "security@wordfence.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-30T05:15:12.710",
"references": [
{
"source": "security@wordfence.com",
"tags": [
"Product"
],
"url": "https://plugins.trac.wordpress.org/browser/leadin/tags/11.1.13/public/admin/widgets/class-elementormeeting.php#L108"
},
{
"source": "security@wordfence.com",
"tags": [
"Patch"
],
"url": "https://plugins.trac.wordpress.org/changeset/3123662/leadin/trunk/public/admin/widgets/class-elementormeeting.php"
},
{
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ac004fb0-e178-4e9b-9aa3-b14eab43f22d?source=cve"
}
],
"sourceIdentifier": "security@wordfence.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security@wordfence.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-1239
Vulnerability from fkie_nvd - Published: 2022-05-02 16:15 - Updated: 2024-11-21 06:40
Severity ?
Summary
The HubSpot WordPress plugin before 8.8.15 does not validate the proxy URL given to the proxy REST endpoint, which could allow users with the edit_posts capability (by default contributor and above) to perform SSRF attacks
References
| URL | Tags | ||
|---|---|---|---|
| contact@wpscan.com | https://wpscan.com/vulnerability/4ad2bb96-87a4-4590-a058-b03b33d2fcee | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/4ad2bb96-87a4-4590-a058-b03b33d2fcee | Exploit, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hubspot:hubspot:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "62F17D8C-EE1A-46BF-BF88-C8982BF1ABE7",
"versionEndExcluding": "8.8.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The HubSpot WordPress plugin before 8.8.15 does not validate the proxy URL given to the proxy REST endpoint, which could allow users with the edit_posts capability (by default contributor and above) to perform SSRF attacks"
},
{
"lang": "es",
"value": "El plugin HubSpot de WordPress versiones anteriores a 8.8.15, no comprueba la URL del proxy dada al endpoint REST del proxy, lo que podr\u00eda permitir a usuarios con la capacidad edit_posts (por defecto el contribuyente y superior) llevar a cabo ataques de tipo SSRF"
}
],
"id": "CVE-2022-1239",
"lastModified": "2024-11-21T06:40:19.367",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-02T16:15:08.777",
"references": [
{
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://wpscan.com/vulnerability/4ad2bb96-87a4-4590-a058-b03b33d2fcee"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://wpscan.com/vulnerability/4ad2bb96-87a4-4590-a058-b03b33d2fcee"
}
],
"sourceIdentifier": "contact@wpscan.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "contact@wpscan.com",
"type": "Secondary"
}
]
}
CVE-2024-5879 (GCVE-0-2024-5879)
Vulnerability from cvelistv5 – Published: 2024-08-30 04:29 – Updated: 2024-08-30 14:05
VLAI?
Title
HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics <= 11.1.22 - Authenticated (Contributor+) Stored Cross-Site Scripting via HubSpot Meeting Widget
Summary
The HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url' attribute of the HubSpot Meeting Widget in all versions up to, and including, 11.1.22 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity ?
6.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| hubspotdev | HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics |
Affected:
* , ≤ 11.1.22
(semver)
|
Credits
wesley
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5879",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-30T14:00:45.894393Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T14:05:55.285Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HubSpot \u2013 CRM, Email Marketing, Live Chat, Forms \u0026 Analytics",
"vendor": "hubspotdev",
"versions": [
{
"lessThanOrEqual": "11.1.22",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "wesley"
}
],
"descriptions": [
{
"lang": "en",
"value": "The HubSpot \u2013 CRM, Email Marketing, Live Chat, Forms \u0026 Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u0027url\u0027 attribute of the HubSpot Meeting Widget in all versions up to, and including, 11.1.22 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T04:29:57.206Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ac004fb0-e178-4e9b-9aa3-b14eab43f22d?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/leadin/tags/11.1.13/public/admin/widgets/class-elementormeeting.php#L108"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3123662/leadin/trunk/public/admin/widgets/class-elementormeeting.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-08-29T15:39:03.000+00:00",
"value": "Disclosed"
}
],
"title": "HubSpot \u2013 CRM, Email Marketing, Live Chat, Forms \u0026 Analytics \u003c= 11.1.22 - Authenticated (Contributor+) Stored Cross-Site Scripting via HubSpot Meeting Widget"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-5879",
"datePublished": "2024-08-30T04:29:57.206Z",
"dateReserved": "2024-06-11T16:52:39.130Z",
"dateUpdated": "2024-08-30T14:05:55.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1239 (GCVE-0-2022-1239)
Vulnerability from cvelistv5 – Published: 2022-05-02 16:05 – Updated: 2024-08-02 23:55
VLAI?
Title
HubSpot < 8.8.15 - Contributor+ Blind SSRF
Summary
The HubSpot WordPress plugin before 8.8.15 does not validate the proxy URL given to the proxy REST endpoint, which could allow users with the edit_posts capability (by default contributor and above) to perform SSRF attacks
Severity ?
No CVSS data available.
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics |
Affected:
8.8.15 , < 8.8.15
(custom)
|
Credits
Brandon Roldan
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:55:24.529Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/4ad2bb96-87a4-4590-a058-b03b33d2fcee"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HubSpot \u2013 CRM, Email Marketing, Live Chat, Forms \u0026 Analytics",
"vendor": "Unknown",
"versions": [
{
"lessThan": "8.8.15",
"status": "affected",
"version": "8.8.15",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Brandon Roldan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The HubSpot WordPress plugin before 8.8.15 does not validate the proxy URL given to the proxy REST endpoint, which could allow users with the edit_posts capability (by default contributor and above) to perform SSRF attacks"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-02T16:05:49",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/4ad2bb96-87a4-4590-a058-b03b33d2fcee"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "HubSpot \u003c 8.8.15 - Contributor+ Blind SSRF",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2022-1239",
"STATE": "PUBLIC",
"TITLE": "HubSpot \u003c 8.8.15 - Contributor+ Blind SSRF"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HubSpot \u2013 CRM, Email Marketing, Live Chat, Forms \u0026 Analytics",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.8.15",
"version_value": "8.8.15"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Brandon Roldan"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HubSpot WordPress plugin before 8.8.15 does not validate the proxy URL given to the proxy REST endpoint, which could allow users with the edit_posts capability (by default contributor and above) to perform SSRF attacks"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-918 Server-Side Request Forgery (SSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/4ad2bb96-87a4-4590-a058-b03b33d2fcee",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/4ad2bb96-87a4-4590-a058-b03b33d2fcee"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-1239",
"datePublished": "2022-05-02T16:05:49",
"dateReserved": "2022-04-05T00:00:00",
"dateUpdated": "2024-08-02T23:55:24.529Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5879 (GCVE-0-2024-5879)
Vulnerability from nvd – Published: 2024-08-30 04:29 – Updated: 2024-08-30 14:05
VLAI?
Title
HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics <= 11.1.22 - Authenticated (Contributor+) Stored Cross-Site Scripting via HubSpot Meeting Widget
Summary
The HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url' attribute of the HubSpot Meeting Widget in all versions up to, and including, 11.1.22 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity ?
6.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| hubspotdev | HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics |
Affected:
* , ≤ 11.1.22
(semver)
|
Credits
wesley
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5879",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-30T14:00:45.894393Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T14:05:55.285Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HubSpot \u2013 CRM, Email Marketing, Live Chat, Forms \u0026 Analytics",
"vendor": "hubspotdev",
"versions": [
{
"lessThanOrEqual": "11.1.22",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "wesley"
}
],
"descriptions": [
{
"lang": "en",
"value": "The HubSpot \u2013 CRM, Email Marketing, Live Chat, Forms \u0026 Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u0027url\u0027 attribute of the HubSpot Meeting Widget in all versions up to, and including, 11.1.22 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T04:29:57.206Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ac004fb0-e178-4e9b-9aa3-b14eab43f22d?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/leadin/tags/11.1.13/public/admin/widgets/class-elementormeeting.php#L108"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3123662/leadin/trunk/public/admin/widgets/class-elementormeeting.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-08-29T15:39:03.000+00:00",
"value": "Disclosed"
}
],
"title": "HubSpot \u2013 CRM, Email Marketing, Live Chat, Forms \u0026 Analytics \u003c= 11.1.22 - Authenticated (Contributor+) Stored Cross-Site Scripting via HubSpot Meeting Widget"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-5879",
"datePublished": "2024-08-30T04:29:57.206Z",
"dateReserved": "2024-06-11T16:52:39.130Z",
"dateUpdated": "2024-08-30T14:05:55.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1239 (GCVE-0-2022-1239)
Vulnerability from nvd – Published: 2022-05-02 16:05 – Updated: 2024-08-02 23:55
VLAI?
Title
HubSpot < 8.8.15 - Contributor+ Blind SSRF
Summary
The HubSpot WordPress plugin before 8.8.15 does not validate the proxy URL given to the proxy REST endpoint, which could allow users with the edit_posts capability (by default contributor and above) to perform SSRF attacks
Severity ?
No CVSS data available.
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics |
Affected:
8.8.15 , < 8.8.15
(custom)
|
Credits
Brandon Roldan
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:55:24.529Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/4ad2bb96-87a4-4590-a058-b03b33d2fcee"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HubSpot \u2013 CRM, Email Marketing, Live Chat, Forms \u0026 Analytics",
"vendor": "Unknown",
"versions": [
{
"lessThan": "8.8.15",
"status": "affected",
"version": "8.8.15",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Brandon Roldan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The HubSpot WordPress plugin before 8.8.15 does not validate the proxy URL given to the proxy REST endpoint, which could allow users with the edit_posts capability (by default contributor and above) to perform SSRF attacks"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-02T16:05:49",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/4ad2bb96-87a4-4590-a058-b03b33d2fcee"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "HubSpot \u003c 8.8.15 - Contributor+ Blind SSRF",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2022-1239",
"STATE": "PUBLIC",
"TITLE": "HubSpot \u003c 8.8.15 - Contributor+ Blind SSRF"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HubSpot \u2013 CRM, Email Marketing, Live Chat, Forms \u0026 Analytics",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.8.15",
"version_value": "8.8.15"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Brandon Roldan"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HubSpot WordPress plugin before 8.8.15 does not validate the proxy URL given to the proxy REST endpoint, which could allow users with the edit_posts capability (by default contributor and above) to perform SSRF attacks"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-918 Server-Side Request Forgery (SSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/4ad2bb96-87a4-4590-a058-b03b33d2fcee",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/4ad2bb96-87a4-4590-a058-b03b33d2fcee"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-1239",
"datePublished": "2022-05-02T16:05:49",
"dateReserved": "2022-04-05T00:00:00",
"dateUpdated": "2024-08-02T23:55:24.529Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}