CVE-2022-1208 (GCVE-0-2022-1208)
Vulnerability from cvelistv5
Published
2022-06-13 12:43
Modified
2024-08-02 23:55
Severity ?
6.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
CWE
Summary
The Ultimate Member plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Biography field featured on individual user profile pages due to insufficient input sanitization and output escaping that allows users to encode malicious web scripts with HTML encoding that is reflected back on the page. This affects versions up to, and including, 2.3.2. Please note this issue was only partially fixed in version 2.3.2.
References
security@wordfence.comhttps://github.com/H4de5-7/vulnerabilities/blob/main/Ultimate%20Member%20%3C%3D%202.3.1%20-%20Stored%20Cross-Site%20Scripting.mdExploit, Third Party Advisory
security@wordfence.comhttps://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2735896%40ultimate-member&new=2735896%40ultimate-member&sfp_email=&sfph_mail=Patch, Third Party Advisory
security@wordfence.comhttps://www.wordfence.com/threat-intel/vulnerabilities/id/93cf6dce-892e-4106-bb37-b7952e5ea5a1?source=cve
security@wordfence.comhttps://www.wordfence.com/vulnerability-advisories/#CVE-2022-1208Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/H4de5-7/vulnerabilities/blob/main/Ultimate%20Member%20%3C%3D%202.3.1%20-%20Stored%20Cross-Site%20Scripting.mdExploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2735896%40ultimate-member&new=2735896%40ultimate-member&sfp_email=&sfph_mail=Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.wordfence.com/threat-intel/vulnerabilities/id/93cf6dce-892e-4106-bb37-b7952e5ea5a1?source=cve
af854a3a-2127-422b-91ae-364da2661108https://www.wordfence.com/vulnerability-advisories/#CVE-2022-1208Third Party Advisory
Impacted products
Vendor Product Version
ultimatemember Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Version: *    2.3.2
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:55:24.437Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/93cf6dce-892e-4106-bb37-b7952e5ea5a1?source=cve"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/H4de5-7/vulnerabilities/blob/main/Ultimate%20Member%20%3C%3D%202.3.1%20-%20Stored%20Cross-Site%20Scripting.md"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=2735896%40ultimate-member\u0026new=2735896%40ultimate-member\u0026sfp_email=\u0026sfph_mail="
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-1208"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Ultimate Member \u2013 User Profile, Registration, Login, Member Directory, Content Restriction \u0026 Membership Plugin",
          "vendor": "ultimatemember",
          "versions": [
            {
              "lessThanOrEqual": "2.3.2",
              "status": "affected",
              "version": "*",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Ruijie Li"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Ultimate Member plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Biography field featured on individual user profile pages due to insufficient input sanitization and output escaping that allows users to encode malicious web scripts with HTML encoding that is reflected back on the page. This affects versions up to, and including, 2.3.2. Please note this issue was only partially fixed in version 2.3.2."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-11T08:32:47.623Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/93cf6dce-892e-4106-bb37-b7952e5ea5a1?source=cve"
        },
        {
          "url": "https://github.com/H4de5-7/vulnerabilities/blob/main/Ultimate%20Member%20%3C%3D%202.3.1%20-%20Stored%20Cross-Site%20Scripting.md"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=2735896%40ultimate-member\u0026new=2735896%40ultimate-member\u0026sfp_email=\u0026sfph_mail="
        },
        {
          "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-1208"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2022-03-21T00:00:00.000+00:00",
          "value": "Disclosed"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2022-1208",
    "datePublished": "2022-06-13T12:43:38",
    "dateReserved": "2022-04-01T00:00:00",
    "dateUpdated": "2024-08-02T23:55:24.437Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-1208\",\"sourceIdentifier\":\"security@wordfence.com\",\"published\":\"2022-06-13T13:15:10.697\",\"lastModified\":\"2024-11-21T06:40:15.487\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Ultimate Member plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Biography field featured on individual user profile pages due to insufficient input sanitization and output escaping that allows users to encode malicious web scripts with HTML encoding that is reflected back on the page. This affects versions up to, and including, 2.3.2. Please note this issue was only partially fixed in version 2.3.2.\"},{\"lang\":\"es\",\"value\":\"El plugin Ultimate Member para WordPress es vulnerable a un ataque de tipo Cross-Site Scripting Almacenado por medio del campo Biography que aparece en las p\u00e1ginas de perfil de usuarios individuales debido a un saneo insuficiente de la entrada y escape de la salida que permite a usuarios codificar scripts web maliciosos con codificaci\u00f3n HTML que es reflejada en la p\u00e1gina. Esto afecta a versiones hasta la 2.3.2 incluy\u00e9ndola. Tenga en cuenta que este problema fue parcialmente corregido en versi\u00f3n 2.3.2 y posteriormente fue parcheado por completo en versi\u00f3n 2.3.3\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@wordfence.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N\",\"baseScore\":6.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.1,\"impactScore\":2.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.3,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:S/C:N/I:P/A:N\",\"baseScore\":3.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":6.8,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ultimatemember:ultimate_member:*:*:*:*:*:wordpress:*:*\",\"versionEndIncluding\":\"2.3.2\",\"matchCriteriaId\":\"BFEBC6F2-DAA4-43A3-A9FF-FE4AB2C137CA\"}]}]}],\"references\":[{\"url\":\"https://github.com/H4de5-7/vulnerabilities/blob/main/Ultimate%20Member%20%3C%3D%202.3.1%20-%20Stored%20Cross-Site%20Scripting.md\",\"source\":\"security@wordfence.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=2735896%40ultimate-member\u0026new=2735896%40ultimate-member\u0026sfp_email=\u0026sfph_mail=\",\"source\":\"security@wordfence.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.wordfence.com/threat-intel/vulnerabilities/id/93cf6dce-892e-4106-bb37-b7952e5ea5a1?source=cve\",\"source\":\"security@wordfence.com\"},{\"url\":\"https://www.wordfence.com/vulnerability-advisories/#CVE-2022-1208\",\"source\":\"security@wordfence.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/H4de5-7/vulnerabilities/blob/main/Ultimate%20Member%20%3C%3D%202.3.1%20-%20Stored%20Cross-Site%20Scripting.md\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=2735896%40ultimate-member\u0026new=2735896%40ultimate-member\u0026sfp_email=\u0026sfph_mail=\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.wordfence.com/threat-intel/vulnerabilities/id/93cf6dce-892e-4106-bb37-b7952e5ea5a1?source=cve\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.wordfence.com/vulnerability-advisories/#CVE-2022-1208\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.