{"containers": {"cna": {"affected": [{"product": "WPBakery Page Builder (Visual Composer) Clipboard", "vendor": "bitorbit", "versions": [{"lessThan": "4.5.0*", "status": "affected", "version": "4.5.0", "versionType": "custom"}, {"lessThan": "4.5.8", "status": "affected", "version": "4.5.8", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Charles Strader Sweethill"}], "descriptions": [{"lang": "en", "value": "An AJAX action registered by the WPBakery Page Builder (Visual Composer) Clipboard WordPress plugin before 4.5.8 did not have capability checks, allowing low privilege users, such as subscribers, to update the license options (key, email)."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-863", "description": "CWE-863 Incorrect Authorization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-05-05T18:39:42.000Z", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://codecanyon.net/item/visual-composer-clipboard/8897711"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://wpscan.com/vulnerability/354b98d8-46a1-4189-b347-198701ea59b9"}], "source": {"discovery": "UNKNOWN"}, "title": "WPBakery Page Builder Clipboard < 4.5.8 - Unauthorised Arbitrary License Options Update", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "contact@wpscan.com", "ID": "CVE-2021-24244", "STATE": "PUBLIC", "TITLE": "WPBakery Page Builder Clipboard < 4.5.8 - Unauthorised Arbitrary License Options Update"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "WPBakery Page Builder (Visual Composer) Clipboard", "version": {"version_data": [{"version_affected": ">=", "version_name": "4.5.0", "version_value": "4.5.0"}, {"version_affected": "<", "version_name": "4.5.8", "version_value": "4.5.8"}]}}]}, "vendor_name": "bitorbit"}]}}, "credit": [{"lang": "eng", "value": "Charles Strader Sweethill"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An AJAX action registered by the WPBakery Page Builder (Visual Composer) Clipboard WordPress plugin before 4.5.8 did not have capability checks, allowing low privilege users, such as subscribers, to update the license options (key, email)."}]}, "generator": "WPScan CVE Generator", "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-863 Incorrect Authorization"}]}]}, "references": {"reference_data": [{"name": "https://codecanyon.net/item/visual-composer-clipboard/8897711", "refsource": "MISC", "url": "https://codecanyon.net/item/visual-composer-clipboard/8897711"}, {"name": "https://wpscan.com/vulnerability/354b98d8-46a1-4189-b347-198701ea59b9", "refsource": "CONFIRM", "url": "https://wpscan.com/vulnerability/354b98d8-46a1-4189-b347-198701ea59b9"}]}, "source": {"discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T19:21:18.915Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://codecanyon.net/item/visual-composer-clipboard/8897711"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://wpscan.com/vulnerability/354b98d8-46a1-4189-b347-198701ea59b9"}]}]}, "cveMetadata": {"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2021-24244", "datePublished": "2021-05-05T18:39:42.000Z", "dateReserved": "2021-01-14T00:00:00.000Z", "dateUpdated": "2024-08-03T19:21:18.915Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wpbakery_page_builder_clipboard_project:wpbakery_page_builder_clipboard:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "558234C3-50D8-4F60-B5D9-7FD92298EB8F", "versionEndExcluding": "4.5.8", "versionStartIncluding": "4.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An AJAX action registered by the WPBakery Page Builder (Visual Composer) Clipboard WordPress plugin before 4.5.8 did not have capability checks, allowing low privilege users, such as subscribers, to update the license options (key, email)."}, {"lang": "es", "value": "Una acci\u00f3n AJAX registrada por el plugin WPBakery Page Builder (Visual Composer) Clipboard WordPress versiones anteriores a 4.5.8, no ten\u00eda verificaciones de capacidad, permitiendo a usuarios con privilegios bajos, como los suscriptores, actualizar las opciones de licencia (clave, correo electr\u00f3nico)"}], "id": "CVE-2021-24244", "lastModified": "2024-11-21T05:52:40.533", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-05-06T13:15:11.497", "references": [{"source": "contact@wpscan.com", "tags": ["Product", "Third Party Advisory"], "url": "https://codecanyon.net/item/visual-composer-clipboard/8897711"}, {"source": "contact@wpscan.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/354b98d8-46a1-4189-b347-198701ea59b9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product", "Third Party Advisory"], "url": "https://codecanyon.net/item/visual-composer-clipboard/8897711"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/354b98d8-46a1-4189-b347-198701ea59b9"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "contact@wpscan.com", "type": "Secondary"}]}

{}

{}