CVE-2022-1008 - OpenCVE

The One Click Demo Import WordPress plugin before 3.1.0 does not validate the imported file, allowing high privilege users such as admin to upload arbitrary files (such as PHP) even when FILE_MODS and FILE_EDIT are disallowed

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Ocdi	One Click Demo Import

Configuration 1 [-]

cpe:2.3:a:ocdi:one_click_demo_import:*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://plugins.trac.wordpress.org/changeset/2695999
https://wpscan.com/vulnerability/0c2e2b4d-49eb-4fd9-b9f0-3feae80c1082

History

No history.

MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2022-04-11T14:41:07

Updated: 2024-08-02T23:47:43.121Z

Reserved: 2022-03-17T00:00:00

Link: CVE-2022-1008

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-04-11T15:15:09.030

Modified: 2022-04-15T03:40:18.317

Link: CVE-2022-1008

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "One Click Demo Import", "vendor": "Unknown", "versions": [{"lessThan": "3.1.0", "status": "affected", "version": "3.1.0", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "YICHENG LIU-ZTE CHENFENG lab"}], "descriptions": [{"lang": "en", "value": "The One Click Demo Import WordPress plugin before 3.1.0 does not validate the imported file, allowing high privilege users such as admin to upload arbitrary files (such as PHP) even when FILE_MODS and FILE_EDIT are disallowed"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-04-11T14:41:07", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://wpscan.com/vulnerability/0c2e2b4d-49eb-4fd9-b9f0-3feae80c1082"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://plugins.trac.wordpress.org/changeset/2695999"}], "source": {"discovery": "EXTERNAL"}, "title": "One Click Demo Import < 3.1.0 - Admin+ Arbitrary File Upload", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "contact@wpscan.com", "ID": "CVE-2022-1008", "STATE": "PUBLIC", "TITLE": "One Click Demo Import < 3.1.0 - Admin+ Arbitrary File Upload"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "One Click Demo Import", "version": {"version_data": [{"version_affected": "<", "version_name": "3.1.0", "version_value": "3.1.0"}]}}]}, "vendor_name": "Unknown"}]}}, "credit": [{"lang": "eng", "value": "YICHENG LIU-ZTE CHENFENG lab"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The One Click Demo Import WordPress plugin before 3.1.0 does not validate the imported file, allowing high privilege users such as admin to upload arbitrary files (such as PHP) even when FILE_MODS and FILE_EDIT are disallowed"}]}, "generator": "WPScan CVE Generator", "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-434 Unrestricted Upload of File with Dangerous Type"}]}]}, "references": {"reference_data": [{"name": "https://wpscan.com/vulnerability/0c2e2b4d-49eb-4fd9-b9f0-3feae80c1082", "refsource": "MISC", "url": "https://wpscan.com/vulnerability/0c2e2b4d-49eb-4fd9-b9f0-3feae80c1082"}, {"name": "https://plugins.trac.wordpress.org/changeset/2695999", "refsource": "CONFIRM", "url": "https://plugins.trac.wordpress.org/changeset/2695999"}]}, "source": {"discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:47:43.121Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://wpscan.com/vulnerability/0c2e2b4d-49eb-4fd9-b9f0-3feae80c1082"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://plugins.trac.wordpress.org/changeset/2695999"}]}]}, "cveMetadata": {"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2022-1008", "datePublished": "2022-04-11T14:41:07", "dateReserved": "2022-03-17T00:00:00", "dateUpdated": "2024-08-02T23:47:43.121Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ocdi:one_click_demo_import:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "BC5954EA-2DEB-471C-AAC0-55918AEA60BC", "versionEndExcluding": "3.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The One Click Demo Import WordPress plugin before 3.1.0 does not validate the imported file, allowing high privilege users such as admin to upload arbitrary files (such as PHP) even when FILE_MODS and FILE_EDIT are disallowed"}, {"lang": "es", "value": "El plugin One Click Demo Import de WordPress versiones anteriores a 3.1.0, no comprueba el archivo importado, permitiendo a usuarios con privilegios elevados, como los administradores, cargar archivos arbitrarios (como PHP) incluso cuando FILE_MODS y FILE_EDIT no est\u00e1n permitidos"}], "id": "CVE-2022-1008", "lastModified": "2022-04-15T03:40:18.317", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-04-11T15:15:09.030", "references": [{"source": "contact@wpscan.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://plugins.trac.wordpress.org/changeset/2695999"}, {"source": "contact@wpscan.com", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/0c2e2b4d-49eb-4fd9-b9f0-3feae80c1082"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "contact@wpscan.com", "type": "Primary"}]}