CVE-2020-36719 - OpenCVE

The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary Plugin Installation, Activation and Deactivation in versions before 2.6.1. This is due to a missing capability check on the lp_cc_addons_actions function. This makes it possible for unauthenticated attackers to arbitrarily install, activate and deactivate any plugin.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cridio	Listingpro

Configuration 1 [-]

cpe:2.3:a:cridio:listingpro:*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://blog.nintechnet.com/wordpress-listingpro-theme-fixed-a-critical-vulnerability/
https://themeforest.net/item/listingpro-multipurpose-directory-theme/19386460
https://www.wordfence.com/threat-intel/vulnerabilities/id/a08fa649-3092-4c26-a009-2dd576b9b1ac?source=cve

History

No history.

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2023-06-07T01:51:34.896Z

Updated: 2024-08-04T17:37:06.576Z

Reserved: 2023-06-06T13:05:35.526Z

Link: CVE-2020-36719

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-06-07T02:15:12.173

Modified: 2023-11-07T03:22:29.330

Link: CVE-2020-36719

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2020-36719", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2023-06-06T13:05:35.526Z", "datePublished": "2023-06-07T01:51:34.896Z", "dateUpdated": "2024-08-04T17:37:06.576Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2023-06-07T01:51:34.896Z"}, "affected": [{"vendor": "n/a", "product": "ListingPro - WordPress Directory & Listing Theme", "versions": [{"version": "*", "status": "affected", "lessThan": "2.6.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary Plugin Installation, Activation and Deactivation in versions before 2.6.1. This is due to a missing capability check on the lp_cc_addons_actions function. This makes it possible for unauthenticated attackers to arbitrarily install, activate and deactivate any plugin."}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a08fa649-3092-4c26-a009-2dd576b9b1ac?source=cve"}, {"url": "https://blog.nintechnet.com/wordpress-listingpro-theme-fixed-a-critical-vulnerability/"}, {"url": "https://themeforest.net/item/listingpro-multipurpose-directory-theme/19386460"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL"}}], "credits": [{"lang": "en", "type": "finder", "value": "Jerome Bruandet"}], "timeline": [{"time": "2020-12-17T00:00:00.000+00:00", "lang": "en", "value": "Disclosed"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T17:37:06.576Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a08fa649-3092-4c26-a009-2dd576b9b1ac?source=cve", "tags": ["x_transferred"]}, {"url": "https://blog.nintechnet.com/wordpress-listingpro-theme-fixed-a-critical-vulnerability/", "tags": ["x_transferred"]}, {"url": "https://themeforest.net/item/listingpro-multipurpose-directory-theme/19386460", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cridio:listingpro:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "F4C3D187-FCC4-4E9E-BBE8-39D3EADB9C8A", "versionEndIncluding": "2.6.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary Plugin Installation, Activation and Deactivation in versions before 2.6.1. This is due to a missing capability check on the lp_cc_addons_actions function. This makes it possible for unauthenticated attackers to arbitrarily install, activate and deactivate any plugin."}], "id": "CVE-2020-36719", "lastModified": "2023-11-07T03:22:29.330", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2023-06-07T02:15:12.173", "references": [{"source": "security@wordfence.com", "tags": ["Exploit"], "url": "https://blog.nintechnet.com/wordpress-listingpro-theme-fixed-a-critical-vulnerability/"}, {"source": "security@wordfence.com", "tags": ["Product"], "url": "https://themeforest.net/item/listingpro-multipurpose-directory-theme/19386460"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a08fa649-3092-4c26-a009-2dd576b9b1ac?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}]}