cvelistv5 - cve-2022-1756

CVE-2022-1756 (GCVE-0-2022-1756)

Vulnerability from cvelistv5 – Published: 2022-06-13 12:42 – Updated: 2024-08-03 00:16

Title

Newsletter < 7.4.5 - Reflected Cross-Site Scripting

Summary

The Newsletter WordPress plugin before 7.4.5 does not sanitize and escape the $_SERVER['REQUEST_URI'] before echoing it back in admin pages. Although this uses addslashes, and most modern browsers automatically URLEncode requests, this is still vulnerable to Reflected XSS in older browsers such as Internet Explorer 9 or below.

Severity ?

No CVSS data available.

CWE

CWE-79 - Cross-site Scripting (XSS)

Assigner

WPScan

References

URL

Tags

https://wpscan.com/vulnerability/6ad407fe-db2b-41…

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Unknown	Newsletter – Send awesome emails from WordPress	Affected: 7.4.5 , < 7.4.5 (custom)

Credits

PHYO WIN SHEIN

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:16:59.701Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wpscan.com/vulnerability/6ad407fe-db2b-41fb-834b-dd8c4f62b072"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Newsletter \u2013 Send awesome emails from WordPress",
          "vendor": "Unknown",
          "versions": [
            {
              "lessThan": "7.4.5",
              "status": "affected",
              "version": "7.4.5",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "PHYO WIN SHEIN"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Newsletter WordPress plugin before 7.4.5 does not sanitize and escape the $_SERVER[\u0027REQUEST_URI\u0027] before echoing it back in admin pages. Although this uses addslashes, and most modern browsers automatically URLEncode requests, this is still vulnerable to Reflected XSS in older browsers such as Internet Explorer 9 or below."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Cross-site Scripting (XSS)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-06-13T12:42:33",
        "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "shortName": "WPScan"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wpscan.com/vulnerability/6ad407fe-db2b-41fb-834b-dd8c4f62b072"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Newsletter \u003c 7.4.5 - Reflected Cross-Site Scripting",
      "x_generator": "WPScan CVE Generator",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "contact@wpscan.com",
          "ID": "CVE-2022-1756",
          "STATE": "PUBLIC",
          "TITLE": "Newsletter \u003c 7.4.5 - Reflected Cross-Site Scripting"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Newsletter \u2013 Send awesome emails from WordPress",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "7.4.5",
                            "version_value": "7.4.5"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Unknown"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "PHYO WIN SHEIN"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Newsletter WordPress plugin before 7.4.5 does not sanitize and escape the $_SERVER[\u0027REQUEST_URI\u0027] before echoing it back in admin pages. Although this uses addslashes, and most modern browsers automatically URLEncode requests, this is still vulnerable to Reflected XSS in older browsers such as Internet Explorer 9 or below."
            }
          ]
        },
        "generator": "WPScan CVE Generator",
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-79 Cross-site Scripting (XSS)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wpscan.com/vulnerability/6ad407fe-db2b-41fb-834b-dd8c4f62b072",
              "refsource": "MISC",
              "url": "https://wpscan.com/vulnerability/6ad407fe-db2b-41fb-834b-dd8c4f62b072"
            }
          ]
        },
        "source": {
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
    "assignerShortName": "WPScan",
    "cveId": "CVE-2022-1756",
    "datePublished": "2022-06-13T12:42:33",
    "dateReserved": "2022-05-17T00:00:00",
    "dateUpdated": "2024-08-03T00:16:59.701Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:thenewsletterplugin:newsletter:*:*:*:*:*:wordpress:*:*\", \"versionEndExcluding\": \"7.4.5\", \"matchCriteriaId\": \"9D88303E-C2A7-43EE-B669-13EDC1962A18\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The Newsletter WordPress plugin before 7.4.5 does not sanitize and escape the $_SERVER[\u0027REQUEST_URI\u0027] before echoing it back in admin pages. Although this uses addslashes, and most modern browsers automatically URLEncode requests, this is still vulnerable to Reflected XSS in older browsers such as Internet Explorer 9 or below.\"}, {\"lang\": \"es\", \"value\": \"El plugin Newsletter de WordPress versiones anteriores a 7.4.5, no sanea y escapa el $_SERVER[\\\"REQUEST_URI\\\"] antes de devolverlo en las p\\u00e1ginas de administraci\\u00f3n. Aunque esto usa addslashes, y la mayor\\u00eda de los navegadores modernos autom\\u00e1ticamente URLEncode peticiones, esto sigue siendo vulnerable a un ataque de tipo XSS Reflejado en los navegadores m\\u00e1s antiguos como Internet Explorer 9 o anteriores\"}]",
      "id": "CVE-2022-1756",
      "lastModified": "2024-11-21T06:41:24.023",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2022-06-13T13:15:11.987",
      "references": "[{\"url\": \"https://wpscan.com/vulnerability/6ad407fe-db2b-41fb-834b-dd8c4f62b072\", \"source\": \"contact@wpscan.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://wpscan.com/vulnerability/6ad407fe-db2b-41fb-834b-dd8c4f62b072\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "contact@wpscan.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"contact@wpscan.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-1756\",\"sourceIdentifier\":\"contact@wpscan.com\",\"published\":\"2022-06-13T13:15:11.987\",\"lastModified\":\"2024-11-21T06:41:24.023\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Newsletter WordPress plugin before 7.4.5 does not sanitize and escape the $_SERVER[\u0027REQUEST_URI\u0027] before echoing it back in admin pages. Although this uses addslashes, and most modern browsers automatically URLEncode requests, this is still vulnerable to Reflected XSS in older browsers such as Internet Explorer 9 or below.\"},{\"lang\":\"es\",\"value\":\"El plugin Newsletter de WordPress versiones anteriores a 7.4.5, no sanea y escapa el $_SERVER[\\\"REQUEST_URI\\\"] antes de devolverlo en las p\u00e1ginas de administraci\u00f3n. Aunque esto usa addslashes, y la mayor\u00eda de los navegadores modernos autom\u00e1ticamente URLEncode peticiones, esto sigue siendo vulnerable a un ataque de tipo XSS Reflejado en los navegadores m\u00e1s antiguos como Internet Explorer 9 o anteriores\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"contact@wpscan.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:thenewsletterplugin:newsletter:*:*:*:*:*:wordpress:*:*\",\"versionEndExcluding\":\"7.4.5\",\"matchCriteriaId\":\"9D88303E-C2A7-43EE-B669-13EDC1962A18\"}]}]}],\"references\":[{\"url\":\"https://wpscan.com/vulnerability/6ad407fe-db2b-41fb-834b-dd8c4f62b072\",\"source\":\"contact@wpscan.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://wpscan.com/vulnerability/6ad407fe-db2b-41fb-834b-dd8c4f62b072\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
  }
}

GSD-2022-1756

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-1756

Aliases

CVE-2022-1756

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-1756",
    "description": "The Newsletter WordPress plugin before 7.4.5 does not sanitize and escape the $_SERVER[\u0027REQUEST_URI\u0027] before echoing it back in admin pages. Although this uses addslashes, and most modern browsers automatically URLEncode requests, this is still vulnerable to Reflected XSS in older browsers such as Internet Explorer 9 or below.",
    "id": "GSD-2022-1756"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-1756"
      ],
      "details": "The Newsletter WordPress plugin before 7.4.5 does not sanitize and escape the $_SERVER[\u0027REQUEST_URI\u0027] before echoing it back in admin pages. Although this uses addslashes, and most modern browsers automatically URLEncode requests, this is still vulnerable to Reflected XSS in older browsers such as Internet Explorer 9 or below.",
      "id": "GSD-2022-1756",
      "modified": "2023-12-13T01:19:28.156741Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "contact@wpscan.com",
        "ID": "CVE-2022-1756",
        "STATE": "PUBLIC",
        "TITLE": "Newsletter \u003c 7.4.5 - Reflected Cross-Site Scripting"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Newsletter \u2013 Send awesome emails from WordPress",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "7.4.5",
                          "version_value": "7.4.5"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Unknown"
            }
          ]
        }
      },
      "credit": [
        {
          "lang": "eng",
          "value": "PHYO WIN SHEIN"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The Newsletter WordPress plugin before 7.4.5 does not sanitize and escape the $_SERVER[\u0027REQUEST_URI\u0027] before echoing it back in admin pages. Although this uses addslashes, and most modern browsers automatically URLEncode requests, this is still vulnerable to Reflected XSS in older browsers such as Internet Explorer 9 or below."
          }
        ]
      },
      "generator": "WPScan CVE Generator",
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-79 Cross-site Scripting (XSS)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://wpscan.com/vulnerability/6ad407fe-db2b-41fb-834b-dd8c4f62b072",
            "refsource": "MISC",
            "url": "https://wpscan.com/vulnerability/6ad407fe-db2b-41fb-834b-dd8c4f62b072"
          }
        ]
      },
      "source": {
        "discovery": "EXTERNAL"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:thenewsletterplugin:newsletter:*:*:*:*:*:wordpress:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.4.5",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "contact@wpscan.com",
          "ID": "CVE-2022-1756"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The Newsletter WordPress plugin before 7.4.5 does not sanitize and escape the $_SERVER[\u0027REQUEST_URI\u0027] before echoing it back in admin pages. Although this uses addslashes, and most modern browsers automatically URLEncode requests, this is still vulnerable to Reflected XSS in older browsers such as Internet Explorer 9 or below."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wpscan.com/vulnerability/6ad407fe-db2b-41fb-834b-dd8c4f62b072",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://wpscan.com/vulnerability/6ad407fe-db2b-41fb-834b-dd8c4f62b072"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 2.7
        }
      },
      "lastModifiedDate": "2022-06-22T19:44Z",
      "publishedDate": "2022-06-13T13:15Z"
    }
  }
}

JVNDB-2022-000057

Vulnerability from jvndb - Published: 2022-07-25 14:30 - Updated:2024-06-18 11:21

Severity ?

6.1 (Medium) - cvssV3_0 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

WordPress Plugin "Newsletter" vulnerable to cross-site scripting

Details

WordPress Plugin "Newsletter" provided by Stefano Lissa & The Newsletter Team contains a cross-site scripting vulnerability (CWE-79). Gen Sato of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

References

Type

URL

	JVN	http://jvn.jp/en/jp/JVN77850327/index.html
	CVE	https://www.cve.org/CVERecord?id=CVE-2022-1756
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-1756
	Related document	https://wpscan.com/vulnerability/6ad407fe-db2b-41fb-834b-dd8c4f62b072
	Cross-site Scripting(CWE-79)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

Stefano Lissa & The Newsletter Team

Newsletter

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-000057.html",
  "dc:date": "2024-06-18T11:21+09:00",
  "dcterms:issued": "2022-07-25T14:30+09:00",
  "dcterms:modified": "2024-06-18T11:21+09:00",
  "description": "WordPress Plugin \"Newsletter\" provided by Stefano Lissa \u0026 The Newsletter Team contains a cross-site scripting vulnerability (CWE-79).\r\n\r\nGen Sato of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-000057.html",
  "sec:cpe": {
    "#text": "cpe:/a:thenewsletterplugin:newsletter",
    "@product": "Newsletter",
    "@vendor": "Stefano Lissa \u0026 The Newsletter Team",
    "@version": "2.2"
  },
  "sec:cvss": [
    {
      "@score": "2.6",
      "@severity": "Low",
      "@type": "Base",
      "@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
      "@version": "2.0"
    },
    {
      "@score": "6.1",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2022-000057",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN77850327/index.html",
      "@id": "JVN#77850327",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-1756",
      "@id": "CVE-2022-1756",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-1756",
      "@id": "CVE-2022-1756",
      "@source": "NVD"
    },
    {
      "#text": "https://wpscan.com/vulnerability/6ad407fe-db2b-41fb-834b-dd8c4f62b072",
      "@id": "WPScan Vulnerability Database : WordPress Plugin Vulnerabilities | Newsletter \u003c 7.4.5 - Reflected Cross-Site Scripting",
      "@source": "Related document"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-79",
      "@title": "Cross-site Scripting(CWE-79)"
    }
  ],
  "title": "WordPress Plugin \"Newsletter\" vulnerable to cross-site scripting"
}

GHSA-MG6C-VWVQ-75R2

Vulnerability from github – Published: 2022-06-14 00:00 – Updated: 2022-06-23 00:00

Details

Severity ?

6.1 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-1756"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-06-13T13:15:00Z",
    "severity": "MODERATE"
  },
  "details": "The Newsletter WordPress plugin before 7.4.5 does not sanitize and escape the $_SERVER[\u0027REQUEST_URI\u0027] before echoing it back in admin pages. Although this uses addslashes, and most modern browsers automatically URLEncode requests, this is still vulnerable to Reflected XSS in older browsers such as Internet Explorer 9 or below.",
  "id": "GHSA-mg6c-vwvq-75r2",
  "modified": "2022-06-23T00:00:22Z",
  "published": "2022-06-14T00:00:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1756"
    },
    {
      "type": "WEB",
      "url": "https://wpscan.com/vulnerability/6ad407fe-db2b-41fb-834b-dd8c4f62b072"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CNVD-2022-55704

Vulnerability from cnvd - Published: 2022-08-10

Title

WordPress Newsletter plugin跨站脚本漏洞

Description

WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress Newsletter plugin 7.4.5之前版本存在跨站脚本漏洞，该漏洞源于在将 REQUEST_URI回显到管理页面之前不会对其进行清理和转义。攻击者可利用该漏洞在客户端执行JavaScript代码。

Severity

中

Patch Name

WordPress Newsletter plugin跨站脚本漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://wpscan.com/vulnerability/6ad407fe-db2b-41fb-834b-dd8c4f62b072

Reference

https://nvd.nist.gov/vuln/detail/CVE-2022-1756

Impacted products

Name
WordPress Newsletter plugin <7.4.5

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-1756",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-1756"
    }
  },
  "description": "WordPress\u548cWordPress plugin\u90fd\u662fWordPress\u57fa\u91d1\u4f1a\u7684\u4ea7\u54c1\u3002WordPress\u662f\u4e00\u5957\u4f7f\u7528PHP\u8bed\u8a00\u5f00\u53d1\u7684\u535a\u5ba2\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u652f\u6301\u5728PHP\u548cMySQL\u7684\u670d\u52a1\u5668\u4e0a\u67b6\u8bbe\u4e2a\u4eba\u535a\u5ba2\u7f51\u7ad9\u3002WordPress plugin\u662f\u4e00\u4e2a\u5e94\u7528\u63d2\u4ef6\u3002\n\nWordPress Newsletter plugin 7.4.5\u4e4b\u524d\u7248\u672c\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5728\u5c06 REQUEST_URI\u56de\u663e\u5230\u7ba1\u7406\u9875\u9762\u4e4b\u524d\u4e0d\u4f1a\u5bf9\u5176\u8fdb\u884c\u6e05\u7406\u548c\u8f6c\u4e49\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u5ba2\u6237\u7aef\u6267\u884cJavaScript\u4ee3\u7801\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://wpscan.com/vulnerability/6ad407fe-db2b-41fb-834b-dd8c4f62b072",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-55704",
  "openTime": "2022-08-10",
  "patchDescription": "WordPress\u548cWordPress plugin\u90fd\u662fWordPress\u57fa\u91d1\u4f1a\u7684\u4ea7\u54c1\u3002WordPress\u662f\u4e00\u5957\u4f7f\u7528PHP\u8bed\u8a00\u5f00\u53d1\u7684\u535a\u5ba2\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u652f\u6301\u5728PHP\u548cMySQL\u7684\u670d\u52a1\u5668\u4e0a\u67b6\u8bbe\u4e2a\u4eba\u535a\u5ba2\u7f51\u7ad9\u3002WordPress plugin\u662f\u4e00\u4e2a\u5e94\u7528\u63d2\u4ef6\u3002\r\n\r\nWordPress Newsletter plugin 7.4.5\u4e4b\u524d\u7248\u672c\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5728\u5c06 REQUEST_URI\u56de\u663e\u5230\u7ba1\u7406\u9875\u9762\u4e4b\u524d\u4e0d\u4f1a\u5bf9\u5176\u8fdb\u884c\u6e05\u7406\u548c\u8f6c\u4e49\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u5ba2\u6237\u7aef\u6267\u884cJavaScript\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "WordPress Newsletter plugin\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "WordPress Newsletter plugin \u003c7.4.5"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2022-1756",
  "serverity": "\u4e2d",
  "submitTime": "2022-06-15",
  "title": "WordPress Newsletter plugin\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e"
}

FKIE_CVE-2022-1756

Vulnerability from fkie_nvd - Published: 2022-06-13 13:15 - Updated: 2024-11-21 06:41

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

References

	URL	Tags
	contact@wpscan.com	https://wpscan.com/vulnerability/6ad407fe-db2b-41fb-834b-dd8c4f62b072	Exploit, Third Party Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://wpscan.com/vulnerability/6ad407fe-db2b-41fb-834b-dd8c4f62b072	Exploit, Third Party Advisory

Impacted products

	Vendor	Product	Version
	thenewsletterplugin	newsletter	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:thenewsletterplugin:newsletter:*:*:*:*:*:wordpress:*:*",
              "matchCriteriaId": "9D88303E-C2A7-43EE-B669-13EDC1962A18",
              "versionEndExcluding": "7.4.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Newsletter WordPress plugin before 7.4.5 does not sanitize and escape the $_SERVER[\u0027REQUEST_URI\u0027] before echoing it back in admin pages. Although this uses addslashes, and most modern browsers automatically URLEncode requests, this is still vulnerable to Reflected XSS in older browsers such as Internet Explorer 9 or below."
    },
    {
      "lang": "es",
      "value": "El plugin Newsletter de WordPress versiones anteriores a 7.4.5, no sanea y escapa el $_SERVER[\"REQUEST_URI\"] antes de devolverlo en las p\u00e1ginas de administraci\u00f3n. Aunque esto usa addslashes, y la mayor\u00eda de los navegadores modernos autom\u00e1ticamente URLEncode peticiones, esto sigue siendo vulnerable a un ataque de tipo XSS Reflejado en los navegadores m\u00e1s antiguos como Internet Explorer 9 o anteriores"
    }
  ],
  "id": "CVE-2022-1756",
  "lastModified": "2024-11-21T06:41:24.023",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-06-13T13:15:11.987",
  "references": [
    {
      "source": "contact@wpscan.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://wpscan.com/vulnerability/6ad407fe-db2b-41fb-834b-dd8c4f62b072"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://wpscan.com/vulnerability/6ad407fe-db2b-41fb-834b-dd8c4f62b072"
    }
  ],
  "sourceIdentifier": "contact@wpscan.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "contact@wpscan.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-1756 (GCVE-0-2022-1756)

GSD-2022-1756

JVNDB-2022-000057

GHSA-MG6C-VWVQ-75R2

CNVD-2022-55704

FKIE_CVE-2022-1756

Tags

Sightings

Nomenclature