CVE-2018-16363 - OpenCVE

The mndpsingh287 File Manager plugin V2.9 for WordPress has XSS via the lang parameter in a wp-admin/admin.php?page=wp_file_manager request because set_transient is used in file_folder_manager.php and there is an echo of lang in lib\wpfilemanager.php.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:S/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Webdesi9	File Manager

Configuration 1 [-]

cpe:2.3:a:webdesi9:file_manager:2.9:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
http://blog.51cto.com/010bjsoft/2171087
https://plugins.trac.wordpress.org/changeset/1936043
https://wordpress.org/support/topic/security-concern-6/#post-10655739
https://wpvulndb.com/vulnerabilities/9126

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-09-07T22:00:00

Updated: 2024-08-05T10:24:32.343Z

Reserved: 2018-09-02T00:00:00

Link: CVE-2018-16363

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2018-09-07T22:29:01.947

Modified: 2018-11-06T20:28:28.590

Link: CVE-2018-16363

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-09-04T00:00:00", "descriptions": [{"lang": "en", "value": "The mndpsingh287 File Manager plugin V2.9 for WordPress has XSS via the lang parameter in a wp-admin/admin.php?page=wp_file_manager request because set_transient is used in file_folder_manager.php and there is an echo of lang in lib\\wpfilemanager.php."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-09-10T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://blog.51cto.com/010bjsoft/2171087"}, {"tags": ["x_refsource_MISC"], "url": "https://plugins.trac.wordpress.org/changeset/1936043"}, {"tags": ["x_refsource_MISC"], "url": "https://wpvulndb.com/vulnerabilities/9126"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://wordpress.org/support/topic/security-concern-6/#post-10655739"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-16363", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The mndpsingh287 File Manager plugin V2.9 for WordPress has XSS via the lang parameter in a wp-admin/admin.php?page=wp_file_manager request because set_transient is used in file_folder_manager.php and there is an echo of lang in lib\\wpfilemanager.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://blog.51cto.com/010bjsoft/2171087", "refsource": "MISC", "url": "http://blog.51cto.com/010bjsoft/2171087"}, {"name": "https://plugins.trac.wordpress.org/changeset/1936043", "refsource": "MISC", "url": "https://plugins.trac.wordpress.org/changeset/1936043"}, {"name": "https://wpvulndb.com/vulnerabilities/9126", "refsource": "MISC", "url": "https://wpvulndb.com/vulnerabilities/9126"}, {"name": "https://wordpress.org/support/topic/security-concern-6/#post-10655739", "refsource": "CONFIRM", "url": "https://wordpress.org/support/topic/security-concern-6/#post-10655739"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T10:24:32.343Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://blog.51cto.com/010bjsoft/2171087"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://plugins.trac.wordpress.org/changeset/1936043"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://wpvulndb.com/vulnerabilities/9126"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://wordpress.org/support/topic/security-concern-6/#post-10655739"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-16363", "datePublished": "2018-09-07T22:00:00", "dateReserved": "2018-09-02T00:00:00", "dateUpdated": "2024-08-05T10:24:32.343Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:webdesi9:file_manager:2.9:*:*:*:*:wordpress:*:*", "matchCriteriaId": "EED093EA-6D1C-4999-A260-C0170B5702BB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The mndpsingh287 File Manager plugin V2.9 for WordPress has XSS via the lang parameter in a wp-admin/admin.php?page=wp_file_manager request because set_transient is used in file_folder_manager.php and there is an echo of lang in lib\\wpfilemanager.php."}, {"lang": "es", "value": "El plugin mndpsingh287 File Manager V2.9 para WordPress tiene Cross-Site Scripting (XSS) mediante el par\u00e1metro lang en una petici\u00f3n wp-admin/admin.php?page=wp_file_manager debido a que se emplea set_transient en file_folder_manager.php y hay un eco de lang en lib\\wpfilemanager.php."}], "id": "CVE-2018-16363", "lastModified": "2018-11-06T20:28:28.590", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-09-07T22:29:01.947", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "http://blog.51cto.com/010bjsoft/2171087"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://plugins.trac.wordpress.org/changeset/1936043"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://wordpress.org/support/topic/security-concern-6/#post-10655739"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://wpvulndb.com/vulnerabilities/9126"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}