CVE-2022-0236 - OpenCVE

The WP Import Export WordPress plugin (both free and premium versions) is vulnerable to unauthenticated sensitive data disclosure due to a missing capability check on the download function wpie_process_file_download found in the ~/includes/classes/class-wpie-general.php file. This made it possible for unauthenticated attackers to download any imported or exported information from a vulnerable site which can contain sensitive information like user data. This affects versions up to, and including, 3.9.15.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Vjinfotech	Wp Import Export Wp Import Export Lite

Configuration 1 [-]

OR	cpe:2.3:a:vjinfotech:wp_import_export::::::wordpress::*
	cpe:2.3:a:vjinfotech:wp_import_export_lite::::::wordpress::*

No data.

References

Link	Providers
https://github.com/qurbat/CVE-2022-0236
https://plugins.trac.wordpress.org/changeset/2649762/wp-import-export-lite/trunk/includes/classes/class-wpie-general.php
https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0236

History

No history.

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2022-01-18T16:52:22

Updated: 2024-08-02T23:18:42.926Z

Reserved: 2022-01-14T00:00:00

Link: CVE-2022-0236

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-01-18T17:15:10.600

Modified: 2022-01-24T17:29:42.847

Link: CVE-2022-0236

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "WP Import Export", "vendor": "vjinfotech", "versions": [{"lessThanOrEqual": "3.9.15", "status": "affected", "version": "3.9.15", "versionType": "custom"}]}, {"product": "WP Import Export Lite", "vendor": "vjinfotech", "versions": [{"lessThanOrEqual": "3.9.15", "status": "affected", "version": "3.9.15", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Karan Saini (Kloudle Inc.)"}], "descriptions": [{"lang": "en", "value": "The WP Import Export WordPress plugin (both free and premium versions) is vulnerable to unauthenticated sensitive data disclosure due to a missing capability check on the download function wpie_process_file_download found in the ~/includes/classes/class-wpie-general.php file. This made it possible for unauthenticated attackers to download any imported or exported information from a vulnerable site which can contain sensitive information like user data. This affects versions up to, and including, 3.9.15."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-862", "description": "CWE-862 Missing Authorization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-01-18T16:52:22", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0236"}, {"tags": ["x_refsource_MISC"], "url": "https://plugins.trac.wordpress.org/changeset/2649762/wp-import-export-lite/trunk/includes/classes/class-wpie-general.php"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/qurbat/CVE-2022-0236"}], "solutions": [{"lang": "en", "value": "Update to version 3.9.16, or newer. "}], "source": {"discovery": "EXTERNAL"}, "title": "WP Import Export (Lite) <= 3.9.15 Unauthenticated Sensitive Data Disclosure", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"AKA": "Wordfence", "ASSIGNER": "security@wordfence.com", "ID": "CVE-2022-0236", "STATE": "PUBLIC", "TITLE": "WP Import Export (Lite) <= 3.9.15 Unauthenticated Sensitive Data Disclosure"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "WP Import Export", "version": {"version_data": [{"version_affected": "<=", "version_name": "3.9.15", "version_value": "3.9.15"}]}}, {"product_name": "WP Import Export Lite", "version": {"version_data": [{"version_affected": "<=", "version_name": "3.9.15", "version_value": "3.9.15"}]}}]}, "vendor_name": "vjinfotech"}]}}, "credit": [{"lang": "eng", "value": "Karan Saini (Kloudle Inc.)"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The WP Import Export WordPress plugin (both free and premium versions) is vulnerable to unauthenticated sensitive data disclosure due to a missing capability check on the download function wpie_process_file_download found in the ~/includes/classes/class-wpie-general.php file. This made it possible for unauthenticated attackers to download any imported or exported information from a vulnerable site which can contain sensitive information like user data. This affects versions up to, and including, 3.9.15."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-862 Missing Authorization"}]}]}, "references": {"reference_data": [{"name": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0236", "refsource": "MISC", "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0236"}, {"name": "https://plugins.trac.wordpress.org/changeset/2649762/wp-import-export-lite/trunk/includes/classes/class-wpie-general.php", "refsource": "MISC", "url": "https://plugins.trac.wordpress.org/changeset/2649762/wp-import-export-lite/trunk/includes/classes/class-wpie-general.php"}, {"name": "https://github.com/qurbat/CVE-2022-0236", "refsource": "MISC", "url": "https://github.com/qurbat/CVE-2022-0236"}]}, "solution": [{"lang": "en", "value": "Update to version 3.9.16, or newer. "}], "source": {"discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:18:42.926Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0236"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://plugins.trac.wordpress.org/changeset/2649762/wp-import-export-lite/trunk/includes/classes/class-wpie-general.php"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/qurbat/CVE-2022-0236"}]}]}, "cveMetadata": {"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2022-0236", "datePublished": "2022-01-18T16:52:22", "dateReserved": "2022-01-14T00:00:00", "dateUpdated": "2024-08-02T23:18:42.926Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vjinfotech:wp_import_export:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "F3F82CF1-B7B1-44C6-9DE7-86678A789453", "versionEndIncluding": "3.9.15", "vulnerable": true}, {"criteria": "cpe:2.3:a:vjinfotech:wp_import_export_lite:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "A594FE37-A2C4-4B38-939C-1C8469D94241", "versionEndIncluding": "3.9.15", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The WP Import Export WordPress plugin (both free and premium versions) is vulnerable to unauthenticated sensitive data disclosure due to a missing capability check on the download function wpie_process_file_download found in the ~/includes/classes/class-wpie-general.php file. This made it possible for unauthenticated attackers to download any imported or exported information from a vulnerable site which can contain sensitive information like user data. This affects versions up to, and including, 3.9.15."}, {"lang": "es", "value": "El plugin WP Import Export de WordPress (tanto en su versi\u00f3n gratuita como en la premium) es vulnerable a una divulgaci\u00f3n de datos confidenciales sin autenticaci\u00f3n debido a la falta de comprobaci\u00f3n de capacidad en la funci\u00f3n de descarga wpie_process_file_download que es encontrada en el archivo ~/includes/classes/class-wpie-general.php. Esto hac\u00eda posible que atacantes no autenticados pudieran descargar cualquier informaci\u00f3n importada o exportada de un sitio vulnerable que pudiera contener informaci\u00f3n confidencial como datos de usuarios. Esto afecta a las versiones hasta la 3.9.15 incluy\u00e9ndola"}], "id": "CVE-2022-0236", "lastModified": "2022-01-24T17:29:42.847", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2022-01-18T17:15:10.600", "references": [{"source": "security@wordfence.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/qurbat/CVE-2022-0236"}, {"source": "security@wordfence.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://plugins.trac.wordpress.org/changeset/2649762/wp-import-export-lite/trunk/includes/classes/class-wpie-general.php"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0236"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Secondary"}]}