fkie_nvd - fkie_cve-2019-16931

fkie_cve-2019-16931

Vulnerability from fkie_nvd

Published

2019-10-03 19:15

Modified

2024-11-21 04:31

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

A stored XSS vulnerability in the Visualizer plugin 3.3.0 for WordPress allows an unauthenticated attacker to execute arbitrary JavaScript when an admin or other privileged user edits the chart via the admin dashboard. This occurs because classes/Visualizer/Gutenberg/Block.php registers wp-json/visualizer/v1/update-chart with no access control, and classes/Visualizer/Render/Page/Data.php lacks output sanitization.

References

URL	Tags
cve@mitre.org	https://nathandavison.com/blog/wordpress-visualizer-plugin-xss-and-ssrf	Exploit, Third Party Advisory
cve@mitre.org	https://wordpress.org/plugins/visualizer/#developers	Product, Release Notes
cve@mitre.org	https://wpvulndb.com/vulnerabilities/9893	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://nathandavison.com/blog/wordpress-visualizer-plugin-xss-and-ssrf	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://wordpress.org/plugins/visualizer/#developers	Product, Release Notes
af854a3a-2127-422b-91ae-364da2661108	https://wpvulndb.com/vulnerabilities/9893	Exploit, Third Party Advisory

Impacted products

	Vendor	Product	Version
	themeisle	visualizer	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:themeisle:visualizer:*:*:*:*:*:wordpress:*:*",
              "matchCriteriaId": "B551854D-5A5F-4BA2-AE1A-6125A8526596",
              "versionEndIncluding": "3.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A stored XSS vulnerability in the Visualizer plugin 3.3.0 for WordPress allows an unauthenticated attacker to execute arbitrary JavaScript when an admin or other privileged user edits the chart via the admin dashboard. This occurs because classes/Visualizer/Gutenberg/Block.php registers wp-json/visualizer/v1/update-chart with no access control, and classes/Visualizer/Render/Page/Data.php lacks output sanitization."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de tipo XSS almacenada en el plugin Visualizer versi\u00f3n 3.3.0 para WordPress, permite a un atacante no autenticado ejecutar JavaScript arbitrario cuando un administrador u otro usuario privilegiado edita la tabla por medio del panel de administraci\u00f3n. Esto ocurre porque classes/Visualizer/Gutenberg/Block.php registra wp-json/visualizer/v1/update-chart sin control de acceso, y classes/Visualizer/Render/Page/Data.php carece de saneamiento de la salida."
    }
  ],
  "id": "CVE-2019-16931",
  "lastModified": "2024-11-21T04:31:22.267",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-10-03T19:15:09.770",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://nathandavison.com/blog/wordpress-visualizer-plugin-xss-and-ssrf"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Product",
        "Release Notes"
      ],
      "url": "https://wordpress.org/plugins/visualizer/#developers"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://wpvulndb.com/vulnerabilities/9893"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://nathandavison.com/blog/wordpress-visualizer-plugin-xss-and-ssrf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Product",
        "Release Notes"
      ],
      "url": "https://wordpress.org/plugins/visualizer/#developers"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://wpvulndb.com/vulnerabilities/9893"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2019-16931 (GCVE-0-2019-16931)

Vulnerability from cvelistv5

Published

2019-10-03 18:34

Modified

2024-08-05 01:24