CVE-2021-24834 - OpenCVE

The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cross-Site Scripting vulnerability which exists in the Create Poll - Options module where a user with a role as low as author is allowed to execute arbitrary script code within the context of the application. This vulnerability is due to insufficient validation of custom label parameters - vote button label , results link label and back to vote caption label.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Yop-poll	Yop Poll

Configuration 1 [-]

cpe:2.3:a:yop-poll:yop_poll:*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://plugins.trac.wordpress.org/changeset/2605368
https://wpscan.com/vulnerability/72f58b14-e5cb-4f1c-a16f-621238c6ebbf
https://www.fortiguard.com/zeroday/FG-VD-21-053

History

No history.

MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2021-11-17T10:15:47

Updated: 2024-08-03T19:42:17.214Z

Reserved: 2021-01-14T00:00:00

Link: CVE-2021-24834

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-11-17T11:15:08.160

Modified: 2021-11-18T20:40:45.283

Link: CVE-2021-24834

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "YOP Poll", "vendor": "Unknown", "versions": [{"lessThan": "6.3.1", "status": "affected", "version": "6.3.1", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Vishnupriya Ilango"}], "descriptions": [{"lang": "en", "value": "The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cross-Site Scripting vulnerability which exists in the Create Poll - Options module where a user with a role as low as author is allowed to execute arbitrary script code within the context of the application. This vulnerability is due to insufficient validation of custom label parameters - vote button label , results link label and back to vote caption label."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 Cross-site Scripting (XSS)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-11-17T10:15:47", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://plugins.trac.wordpress.org/changeset/2605368"}, {"tags": ["x_refsource_MISC"], "url": "https://wpscan.com/vulnerability/72f58b14-e5cb-4f1c-a16f-621238c6ebbf"}, {"tags": ["x_refsource_MISC"], "url": "https://www.fortiguard.com/zeroday/FG-VD-21-053"}], "source": {"discovery": "EXTERNAL"}, "title": "YOP Poll < 6.3.1 - Author+ Stored Cross-Site Scripting via Options Module", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "contact@wpscan.com", "ID": "CVE-2021-24834", "STATE": "PUBLIC", "TITLE": "YOP Poll < 6.3.1 - Author+ Stored Cross-Site Scripting via Options Module"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "YOP Poll", "version": {"version_data": [{"version_affected": "<", "version_name": "6.3.1", "version_value": "6.3.1"}]}}]}, "vendor_name": "Unknown"}]}}, "credit": [{"lang": "eng", "value": "Vishnupriya Ilango"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cross-Site Scripting vulnerability which exists in the Create Poll - Options module where a user with a role as low as author is allowed to execute arbitrary script code within the context of the application. This vulnerability is due to insufficient validation of custom label parameters - vote button label , results link label and back to vote caption label."}]}, "generator": "WPScan CVE Generator", "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-79 Cross-site Scripting (XSS)"}]}]}, "references": {"reference_data": [{"name": "https://plugins.trac.wordpress.org/changeset/2605368", "refsource": "CONFIRM", "url": "https://plugins.trac.wordpress.org/changeset/2605368"}, {"name": "https://wpscan.com/vulnerability/72f58b14-e5cb-4f1c-a16f-621238c6ebbf", "refsource": "MISC", "url": "https://wpscan.com/vulnerability/72f58b14-e5cb-4f1c-a16f-621238c6ebbf"}, {"name": "https://www.fortiguard.com/zeroday/FG-VD-21-053", "refsource": "MISC", "url": "https://www.fortiguard.com/zeroday/FG-VD-21-053"}]}, "source": {"discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T19:42:17.214Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://plugins.trac.wordpress.org/changeset/2605368"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://wpscan.com/vulnerability/72f58b14-e5cb-4f1c-a16f-621238c6ebbf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.fortiguard.com/zeroday/FG-VD-21-053"}]}]}, "cveMetadata": {"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2021-24834", "datePublished": "2021-11-17T10:15:47", "dateReserved": "2021-01-14T00:00:00", "dateUpdated": "2024-08-03T19:42:17.214Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:yop-poll:yop_poll:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "87834720-D115-4676-B2CD-E2DE6B7EE8DF", "versionEndExcluding": "6.3.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cross-Site Scripting vulnerability which exists in the Create Poll - Options module where a user with a role as low as author is allowed to execute arbitrary script code within the context of the application. This vulnerability is due to insufficient validation of custom label parameters - vote button label , results link label and back to vote caption label."}, {"lang": "es", "value": "El plugin YOP Poll de WordPress versiones anteriores a 6.3.1, est\u00e1 afectado por una vulnerabilidad de tipo Cross-Site Scripting almacenada que se presenta en el m\u00f3dulo Create Poll - Options donde un usuario con un rol tan bajo como el de autor puede ejecutar c\u00f3digo script arbitrario dentro del contexto de la aplicaci\u00f3n. Esta vulnerabilidad es debido a que no se comprueban suficientemente los par\u00e1metros de las etiquetas personalizadas: la etiqueta del bot\u00f3n de votaci\u00f3n, la etiqueta del enlace de resultados y la etiqueta del t\u00edtulo de vuelta a la votaci\u00f3n"}], "id": "CVE-2021-24834", "lastModified": "2021-11-18T20:40:45.283", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-11-17T11:15:08.160", "references": [{"source": "contact@wpscan.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://plugins.trac.wordpress.org/changeset/2605368"}, {"source": "contact@wpscan.com", "tags": ["Third Party Advisory"], "url": "https://wpscan.com/vulnerability/72f58b14-e5cb-4f1c-a16f-621238c6ebbf"}, {"source": "contact@wpscan.com", "tags": ["Third Party Advisory"], "url": "https://www.fortiguard.com/zeroday/FG-VD-21-053"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "contact@wpscan.com", "type": "Primary"}]}