CVE-2021-24635

Published: Sep 20, 2021Modified: Nov 21, 2024

5.4

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Exploitability: 2.8 / Impact: 2.5

Source: NVD

Description

The Visual Link Preview WordPress plugin before 2.2.3 does not enforce authorisation on several AJAX actions and has the CSRF nonce displayed for all authenticated users, allowing any authenticated user (such as subscriber) to call them and 1) Get and search through title and content of Draft post, 2) Get title of a password-protected post as well as 3) Upload an image from an URL

Affected (1)

Products: Bootstrapped: Visual Link Preview

1 product

Visual Link Preview

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Bootstrapped Visual Link Preview	Before 2.2.3

Related CWEs

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

References (2)

https://wpscan.com/vulnerability/854b23d9-e3f8-4835-8d29-140c580f11c9

Source: contact@wpscan.com

ExploitThird Party Advisory

https://wpscan.com/vulnerability/854b23d9-e3f8-4835-8d29-140c580f11c9

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.