CVE-2021-24328 (GCVE-0-2021-24328)

Vulnerability from cvelistv5 – Published: 2021-06-01 11:33 – Updated: 2024-08-03 19:28
VLAI?
Title
WP Login Security and History <= 1.0 - CSRF to Stored Cross-Site Scripting (XSS)
Summary
The WP Login Security and History WordPress plugin through 1.0 did not have CSRF check when saving its settings, not any sanitisation or validation on them. This could allow attackers to make logged in administrators change the plugin's settings to arbitrary values, and set XSS payloads on them as well
Severity ?
No CVSS data available.
CWE
  • CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
Impacted products
Vendor Product Version
Unknown WP Login Security and History Affected: 1.0 , ≤ 1.0 (custom)
Create a notification for this product.
Credits
m0ze
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T19:28:23.829Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://wpscan.com/vulnerability/eeb41d7b-8f9e-4a12-b65f-f310f08e4ace"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://m0ze.ru/exploit/csrf-wp-login-security-and-history-v1.0.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://m0ze.ru/vulnerability/%5B2021-03-29%5D-%5BWordPress%5D-%5BCWE-352%5D-WP-Login-Security-and-History-WordPress-Plugin-v1.0.txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://m0ze.ru/vulnerability/%5B2021-03-29%5D-%5BWordPress%5D-%5BCWE-79%5D-WP-Login-Security-and-History-WordPress-Plugin-v1.0.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "WP Login Security and History",
          "vendor": "Unknown",
          "versions": [
            {
              "lessThanOrEqual": "1.0",
              "status": "affected",
              "version": "1.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "m0ze"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The WP Login Security and History WordPress plugin through 1.0 did not have CSRF check when saving its settings, not any sanitisation or validation on them. This could allow attackers to make logged in administrators change the plugin\u0027s settings to arbitrary values, and set XSS payloads on them as well"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-352",
              "description": "CWE-352 Cross-Site Request Forgery (CSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-01T11:33:31",
        "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "shortName": "WPScan"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://wpscan.com/vulnerability/eeb41d7b-8f9e-4a12-b65f-f310f08e4ace"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://m0ze.ru/exploit/csrf-wp-login-security-and-history-v1.0.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://m0ze.ru/vulnerability/%5B2021-03-29%5D-%5BWordPress%5D-%5BCWE-352%5D-WP-Login-Security-and-History-WordPress-Plugin-v1.0.txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://m0ze.ru/vulnerability/%5B2021-03-29%5D-%5BWordPress%5D-%5BCWE-79%5D-WP-Login-Security-and-History-WordPress-Plugin-v1.0.txt"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "WP Login Security and History \u003c= 1.0 - CSRF to Stored Cross-Site Scripting (XSS)",
      "x_generator": "WPScan CVE Generator",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "contact@wpscan.com",
          "ID": "CVE-2021-24328",
          "STATE": "PUBLIC",
          "TITLE": "WP Login Security and History \u003c= 1.0 - CSRF to Stored Cross-Site Scripting (XSS)"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "WP Login Security and History",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "1.0",
                            "version_value": "1.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Unknown"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "m0ze"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The WP Login Security and History WordPress plugin through 1.0 did not have CSRF check when saving its settings, not any sanitisation or validation on them. This could allow attackers to make logged in administrators change the plugin\u0027s settings to arbitrary values, and set XSS payloads on them as well"
            }
          ]
        },
        "generator": "WPScan CVE Generator",
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-352 Cross-Site Request Forgery (CSRF)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wpscan.com/vulnerability/eeb41d7b-8f9e-4a12-b65f-f310f08e4ace",
              "refsource": "CONFIRM",
              "url": "https://wpscan.com/vulnerability/eeb41d7b-8f9e-4a12-b65f-f310f08e4ace"
            },
            {
              "name": "https://m0ze.ru/exploit/csrf-wp-login-security-and-history-v1.0.html",
              "refsource": "MISC",
              "url": "https://m0ze.ru/exploit/csrf-wp-login-security-and-history-v1.0.html"
            },
            {
              "name": "https://m0ze.ru/vulnerability/[2021-03-29]-[WordPress]-[CWE-352]-WP-Login-Security-and-History-WordPress-Plugin-v1.0.txt",
              "refsource": "MISC",
              "url": "https://m0ze.ru/vulnerability/[2021-03-29]-[WordPress]-[CWE-352]-WP-Login-Security-and-History-WordPress-Plugin-v1.0.txt"
            },
            {
              "name": "https://m0ze.ru/vulnerability/%5B2021-03-29%5D-%5BWordPress%5D-%5BCWE-79%5D-WP-Login-Security-and-History-WordPress-Plugin-v1.0.txt",
              "refsource": "MISC",
              "url": "https://m0ze.ru/vulnerability/%5B2021-03-29%5D-%5BWordPress%5D-%5BCWE-79%5D-WP-Login-Security-and-History-WordPress-Plugin-v1.0.txt"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
    "assignerShortName": "WPScan",
    "cveId": "CVE-2021-24328",
    "datePublished": "2021-06-01T11:33:31",
    "dateReserved": "2021-01-14T00:00:00",
    "dateUpdated": "2024-08-03T19:28:23.829Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clogica:wp_login_security_and_history:*:*:*:*:*:wordpress:*:*\", \"versionEndIncluding\": \"1.0\", \"matchCriteriaId\": \"26C09068-6E2A-4F8B-AF2D-F7267D76DB94\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The WP Login Security and History WordPress plugin through 1.0 did not have CSRF check when saving its settings, not any sanitisation or validation on them. This could allow attackers to make logged in administrators change the plugin\u0027s settings to arbitrary values, and set XSS payloads on them as well\"}, {\"lang\": \"es\", \"value\": \"El plugin WP Login Security and History de WordPress versiones hasta 1.0, no ten\\u00eda comprobaci\\u00f3n de tipo CSRF al guardar su configuraci\\u00f3n, ni ningun saneamiento o comprobaci\\u00f3n en ellos. Esto podr\\u00eda permitir a atacantes hacer que los administradores registrados cambien la configuraci\\u00f3n del plugin a valores arbitrarios y tambi\\u00e9n establezcan cargas \\u00fatiles de tipo XSS en ellos\"}]",
      "id": "CVE-2021-24328",
      "lastModified": "2024-11-21T05:52:51.253",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:N\", \"baseScore\": 6.2, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.7, \"impactScore\": 4.0}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:S/C:N/I:P/A:N\", \"baseScore\": 3.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 6.8, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2021-06-01T14:15:09.297",
      "references": "[{\"url\": \"https://m0ze.ru/exploit/csrf-wp-login-security-and-history-v1.0.html\", \"source\": \"contact@wpscan.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://m0ze.ru/vulnerability/%5B2021-03-29%5D-%5BWordPress%5D-%5BCWE-352%5D-WP-Login-Security-and-History-WordPress-Plugin-v1.0.txt\", \"source\": \"contact@wpscan.com\"}, {\"url\": \"https://m0ze.ru/vulnerability/%5B2021-03-29%5D-%5BWordPress%5D-%5BCWE-79%5D-WP-Login-Security-and-History-WordPress-Plugin-v1.0.txt\", \"source\": \"contact@wpscan.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://wpscan.com/vulnerability/eeb41d7b-8f9e-4a12-b65f-f310f08e4ace\", \"source\": \"contact@wpscan.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://m0ze.ru/exploit/csrf-wp-login-security-and-history-v1.0.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://m0ze.ru/vulnerability/%5B2021-03-29%5D-%5BWordPress%5D-%5BCWE-352%5D-WP-Login-Security-and-History-WordPress-Plugin-v1.0.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://m0ze.ru/vulnerability/%5B2021-03-29%5D-%5BWordPress%5D-%5BCWE-79%5D-WP-Login-Security-and-History-WordPress-Plugin-v1.0.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://wpscan.com/vulnerability/eeb41d7b-8f9e-4a12-b65f-f310f08e4ace\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "contact@wpscan.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"contact@wpscan.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-352\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}, {\"lang\": \"en\", \"value\": \"CWE-352\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-24328\",\"sourceIdentifier\":\"contact@wpscan.com\",\"published\":\"2021-06-01T14:15:09.297\",\"lastModified\":\"2024-11-21T05:52:51.253\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The WP Login Security and History WordPress plugin through 1.0 did not have CSRF check when saving its settings, not any sanitisation or validation on them. This could allow attackers to make logged in administrators change the plugin\u0027s settings to arbitrary values, and set XSS payloads on them as well\"},{\"lang\":\"es\",\"value\":\"El plugin WP Login Security and History de WordPress versiones hasta 1.0, no ten\u00eda comprobaci\u00f3n de tipo CSRF al guardar su configuraci\u00f3n, ni ningun saneamiento o comprobaci\u00f3n en ellos. Esto podr\u00eda permitir a atacantes hacer que los administradores registrados cambien la configuraci\u00f3n del plugin a valores arbitrarios y tambi\u00e9n establezcan cargas \u00fatiles de tipo XSS en ellos\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:N\",\"baseScore\":6.2,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.7,\"impactScore\":4.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:S/C:N/I:P/A:N\",\"baseScore\":3.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":6.8,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"contact@wpscan.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-352\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"},{\"lang\":\"en\",\"value\":\"CWE-352\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clogica:wp_login_security_and_history:*:*:*:*:*:wordpress:*:*\",\"versionEndIncluding\":\"1.0\",\"matchCriteriaId\":\"26C09068-6E2A-4F8B-AF2D-F7267D76DB94\"}]}]}],\"references\":[{\"url\":\"https://m0ze.ru/exploit/csrf-wp-login-security-and-history-v1.0.html\",\"source\":\"contact@wpscan.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://m0ze.ru/vulnerability/%5B2021-03-29%5D-%5BWordPress%5D-%5BCWE-352%5D-WP-Login-Security-and-History-WordPress-Plugin-v1.0.txt\",\"source\":\"contact@wpscan.com\"},{\"url\":\"https://m0ze.ru/vulnerability/%5B2021-03-29%5D-%5BWordPress%5D-%5BCWE-79%5D-WP-Login-Security-and-History-WordPress-Plugin-v1.0.txt\",\"source\":\"contact@wpscan.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://wpscan.com/vulnerability/eeb41d7b-8f9e-4a12-b65f-f310f08e4ace\",\"source\":\"contact@wpscan.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://m0ze.ru/exploit/csrf-wp-login-security-and-history-v1.0.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://m0ze.ru/vulnerability/%5B2021-03-29%5D-%5BWordPress%5D-%5BCWE-352%5D-WP-Login-Security-and-History-WordPress-Plugin-v1.0.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://m0ze.ru/vulnerability/%5B2021-03-29%5D-%5BWordPress%5D-%5BCWE-79%5D-WP-Login-Security-and-History-WordPress-Plugin-v1.0.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://wpscan.com/vulnerability/eeb41d7b-8f9e-4a12-b65f-f310f08e4ace\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.