CVE-2021-24444 (GCVE-0-2021-24444)

Vulnerability from cvelistv5 – Published: 2021-08-02 00:00 – Updated: 2024-08-03 19:28
VLAI?
Summary
The TaxoPress – Create and Manage Taxonomies, Tags, Categories WordPress plugin before 3.0.7.2 does not sanitise its Taxonomy description field, allowing high privilege users to set JavaScript payload in them even when the unfiltered_html capability is disallowed, leading to an authenticated Stored Cross-Site Scripting issue.
Severity ?
No CVSS data available.
CWE
  • CWE-79 - Cross-site Scripting (XSS)
Assigner
References
Impacted products
Vendor Product Version
Unknown TaxoPress – Create and Manage Taxonomies, Tags, Categories Affected: 3.0.7.2 , < 3.0.7.2 (custom)
Create a notification for this product.
Credits
Akash Rajendra Patil
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T19:28:23.965Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://wpscan.com/vulnerability/a31321fe-adc6-4480-a220-35aedca52b8b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/164604/WordPress-TaxoPress-3.0.7.1-Cross-Site-Scripting.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "TaxoPress \u2013 Create and Manage Taxonomies, Tags, Categories",
          "vendor": "Unknown",
          "versions": [
            {
              "lessThan": "3.0.7.2",
              "status": "affected",
              "version": "3.0.7.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Akash Rajendra Patil"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The TaxoPress \u2013 Create and Manage Taxonomies, Tags, Categories WordPress plugin before 3.0.7.2 does not sanitise its Taxonomy description field, allowing high privilege users to set JavaScript payload in them even when the unfiltered_html capability is disallowed, leading to an authenticated Stored Cross-Site Scripting issue."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Cross-site Scripting (XSS)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-06T00:00:00",
        "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "shortName": "WPScan"
      },
      "references": [
        {
          "url": "https://wpscan.com/vulnerability/a31321fe-adc6-4480-a220-35aedca52b8b"
        },
        {
          "url": "http://packetstormsecurity.com/files/164604/WordPress-TaxoPress-3.0.7.1-Cross-Site-Scripting.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "TaxoPress \u003c 3.0.7.2 - Authenticated Stored Cross-Site Scripting (XSS)",
      "x_generator": "WPScan CVE Generator"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
    "assignerShortName": "WPScan",
    "cveId": "CVE-2021-24444",
    "datePublished": "2021-08-02T00:00:00",
    "dateReserved": "2021-01-14T00:00:00",
    "dateUpdated": "2024-08-03T19:28:23.965Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:taxopress:taxopress:*:*:*:*:*:wordpress:*:*\", \"versionEndExcluding\": \"3.0.7.2\", \"matchCriteriaId\": \"497C32FE-EE50-435D-A60E-0C7EC9D5B7A9\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The TaxoPress \\u2013 Create and Manage Taxonomies, Tags, Categories WordPress plugin before 3.0.7.2 does not sanitise its Taxonomy description field, allowing high privilege users to set JavaScript payload in them even when the unfiltered_html capability is disallowed, leading to an authenticated Stored Cross-Site Scripting issue.\"}, {\"lang\": \"es\", \"value\": \"El plugin de WordPress TaxoPress - Create and Manage Taxonomies, Tags, Categories antes de la versi\\u00f3n 3.0.7.2 no sanea su campo de descripci\\u00f3n de la taxonom\\u00eda, lo que permite a los usuarios con privilegios elevados establecer la carga \\u00fatil de JavaScript en ellos incluso cuando la capacidad unfiltered_html no est\\u00e1 permitida, lo que conduce a un problema de Cross-Site Scripting almacenado autenticado\"}]",
      "id": "CVE-2021-24444",
      "lastModified": "2024-11-21T05:53:05.177",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 4.8, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.7, \"impactScore\": 2.7}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:S/C:N/I:P/A:N\", \"baseScore\": 3.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 6.8, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2021-08-02T11:15:09.027",
      "references": "[{\"url\": \"http://packetstormsecurity.com/files/164604/WordPress-TaxoPress-3.0.7.1-Cross-Site-Scripting.html\", \"source\": \"contact@wpscan.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://wpscan.com/vulnerability/a31321fe-adc6-4480-a220-35aedca52b8b\", \"source\": \"contact@wpscan.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/164604/WordPress-TaxoPress-3.0.7.1-Cross-Site-Scripting.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://wpscan.com/vulnerability/a31321fe-adc6-4480-a220-35aedca52b8b\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "contact@wpscan.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"contact@wpscan.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-24444\",\"sourceIdentifier\":\"contact@wpscan.com\",\"published\":\"2021-08-02T11:15:09.027\",\"lastModified\":\"2024-11-21T05:53:05.177\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The TaxoPress \u2013 Create and Manage Taxonomies, Tags, Categories WordPress plugin before 3.0.7.2 does not sanitise its Taxonomy description field, allowing high privilege users to set JavaScript payload in them even when the unfiltered_html capability is disallowed, leading to an authenticated Stored Cross-Site Scripting issue.\"},{\"lang\":\"es\",\"value\":\"El plugin de WordPress TaxoPress - Create and Manage Taxonomies, Tags, Categories antes de la versi\u00f3n 3.0.7.2 no sanea su campo de descripci\u00f3n de la taxonom\u00eda, lo que permite a los usuarios con privilegios elevados establecer la carga \u00fatil de JavaScript en ellos incluso cuando la capacidad unfiltered_html no est\u00e1 permitida, lo que conduce a un problema de Cross-Site Scripting almacenado autenticado\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":4.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.7,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:S/C:N/I:P/A:N\",\"baseScore\":3.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":6.8,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"contact@wpscan.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:taxopress:taxopress:*:*:*:*:*:wordpress:*:*\",\"versionEndExcluding\":\"3.0.7.2\",\"matchCriteriaId\":\"497C32FE-EE50-435D-A60E-0C7EC9D5B7A9\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/164604/WordPress-TaxoPress-3.0.7.1-Cross-Site-Scripting.html\",\"source\":\"contact@wpscan.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://wpscan.com/vulnerability/a31321fe-adc6-4480-a220-35aedca52b8b\",\"source\":\"contact@wpscan.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/164604/WordPress-TaxoPress-3.0.7.1-Cross-Site-Scripting.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://wpscan.com/vulnerability/a31321fe-adc6-4480-a220-35aedca52b8b\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.