CVE-2021-25042 - OpenCVE

The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 5.5 does not have authorisation and CSRF checks in the updateIpAddress AJAX action, allowing any authenticated user to call it, or make a logged in user do it via a CSRF attack and add an arbitrary IP address to exclude. Furthermore, due to the lack of validation, sanitisation and escaping, users could set a malicious value and perform Cross-Site Scripting attacks against logged in admin

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:S/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Plugins-market	Wp Visitor Statistics \(real Time Traffic\)

Configuration 1 [-]

cpe:2.3:a:plugins-market:wp_visitor_statistics_\(real_time_traffic\):*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://wpscan.com/vulnerability/05b9e478-2d3b-4460-88c1-7f81d3a68ac4

History

No history.

MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2022-02-28T09:06:33

Updated: 2024-08-03T19:49:14.590Z

Reserved: 2021-01-14T00:00:00

Link: CVE-2021-25042

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-02-28T09:15:08.580

Modified: 2022-03-08T16:56:54.080

Link: CVE-2021-25042

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "WP Visitor Statistics (Real Time Traffic)", "vendor": "Unknown", "versions": [{"lessThan": "5.5", "status": "affected", "version": "5.5", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Krzysztof Zaj\u0105c"}], "descriptions": [{"lang": "en", "value": "The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 5.5 does not have authorisation and CSRF checks in the updateIpAddress AJAX action, allowing any authenticated user to call it, or make a logged in user do it via a CSRF attack and add an arbitrary IP address to exclude. Furthermore, due to the lack of validation, sanitisation and escaping, users could set a malicious value and perform Cross-Site Scripting attacks against logged in admin"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-862", "description": "CWE-862 Missing Authorization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-02-28T09:06:33", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://wpscan.com/vulnerability/05b9e478-2d3b-4460-88c1-7f81d3a68ac4"}], "source": {"discovery": "EXTERNAL"}, "title": "WP Visitor Statistics (Real Time Traffic) < 5.5 - Arbitrary IP Address Exclusion to Stored XSS", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "contact@wpscan.com", "ID": "CVE-2021-25042", "STATE": "PUBLIC", "TITLE": "WP Visitor Statistics (Real Time Traffic) < 5.5 - Arbitrary IP Address Exclusion to Stored XSS"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "WP Visitor Statistics (Real Time Traffic)", "version": {"version_data": [{"version_affected": "<", "version_name": "5.5", "version_value": "5.5"}]}}]}, "vendor_name": "Unknown"}]}}, "credit": [{"lang": "eng", "value": "Krzysztof Zaj\u0105c"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 5.5 does not have authorisation and CSRF checks in the updateIpAddress AJAX action, allowing any authenticated user to call it, or make a logged in user do it via a CSRF attack and add an arbitrary IP address to exclude. Furthermore, due to the lack of validation, sanitisation and escaping, users could set a malicious value and perform Cross-Site Scripting attacks against logged in admin"}]}, "generator": "WPScan CVE Generator", "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-862 Missing Authorization"}]}]}, "references": {"reference_data": [{"name": "https://wpscan.com/vulnerability/05b9e478-2d3b-4460-88c1-7f81d3a68ac4", "refsource": "MISC", "url": "https://wpscan.com/vulnerability/05b9e478-2d3b-4460-88c1-7f81d3a68ac4"}]}, "source": {"discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T19:49:14.590Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://wpscan.com/vulnerability/05b9e478-2d3b-4460-88c1-7f81d3a68ac4"}]}]}, "cveMetadata": {"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2021-25042", "datePublished": "2022-02-28T09:06:33", "dateReserved": "2021-01-14T00:00:00", "dateUpdated": "2024-08-03T19:49:14.590Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:plugins-market:wp_visitor_statistics_\\(real_time_traffic\\):*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "4D6E6790-B938-4360-8234-EC9AFADC3689", "versionEndExcluding": "5.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 5.5 does not have authorisation and CSRF checks in the updateIpAddress AJAX action, allowing any authenticated user to call it, or make a logged in user do it via a CSRF attack and add an arbitrary IP address to exclude. Furthermore, due to the lack of validation, sanitisation and escaping, users could set a malicious value and perform Cross-Site Scripting attacks against logged in admin"}, {"lang": "es", "value": "El plugin WP Visitor Statistics (Real Time Traffic) de WordPress versiones anteriores a 5.5, no presenta comprobaciones de autorizaci\u00f3n y CSRF en la acci\u00f3n AJAX updateIpAddress, permitiendo a cualquier usuario autenticado llamarla, o hacer que un usuario conectado lo haga por medio de un ataque de tipo CSRF y a\u00f1ada una direcci\u00f3n IP arbitraria para excluirla. Adem\u00e1s, debido a una falta de comprobaci\u00f3n, saneo y escape, los usuarios podr\u00edan establecer un valor malicioso y llevar a cabo ataques de tipo Cross-Site Scripting contra el administrador conectado."}], "id": "CVE-2021-25042", "lastModified": "2022-03-08T16:56:54.080", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-02-28T09:15:08.580", "references": [{"source": "contact@wpscan.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/05b9e478-2d3b-4460-88c1-7f81d3a68ac4"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "contact@wpscan.com", "type": "Primary"}]}