CVE-2022-2515 - OpenCVE

The Simple Banner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `pro_version_activation_code` parameter in versions up to, and including, 2.11.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, including those without administrative capabilities when access is granted to those users, to inject arbitrary web scripts in page that will execute whenever a user role having access to "Simple Banner" accesses the plugin's settings.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Simple Banner Project	Simple Banner

Configuration 1 [-]

cpe:2.3:a:simple_banner_project:simple_banner:*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://gist.github.com/Xib3rR4dAr/6aa9e730c1d030a5ee9f9d1eae6fbd5e
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2758766%40simple-banner&new=2758766%40simple-banner&sfp_email=&sfph_mail=
https://www.wordfence.com/threat-intel/vulnerabilities/id/3bb9520d-e679-4e8a-ae3c-8207f17d45a2?source=cve
https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2515

History

No history.

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2022-09-06T17:18:58

Updated: 2024-08-03T00:39:08.068Z

Reserved: 2022-07-22T00:00:00

Link: CVE-2022-2515

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-09-06T18:15:14.077

Modified: 2023-11-07T03:46:37.960

Link: CVE-2022-2515

Redhat

No data.

{"containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2023-10-20T15:06:07.366Z"}, "affected": [{"vendor": "rpetersen29", "product": "Simple Banner \u2013 An easy to use Banner/Bar/Notification/Announcement for the top or bottom of your website", "versions": [{"version": "*", "status": "affected", "lessThanOrEqual": "2.11.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Simple Banner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `pro_version_activation_code` parameter in versions up to, and including, 2.11.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, including those without administrative capabilities when access is granted to those users, to inject arbitrary web scripts in page that will execute whenever a user role having access to \"Simple Banner\" accesses the plugin's settings."}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3bb9520d-e679-4e8a-ae3c-8207f17d45a2?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2758766%40simple-banner&new=2758766%40simple-banner&sfp_email=&sfph_mail="}, {"url": "https://gist.github.com/Xib3rR4dAr/6aa9e730c1d030a5ee9f9d1eae6fbd5e"}, {"url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2515"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "baseScore": 6.4, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Muhammad Zeeshan"}], "timeline": [{"time": "2022-07-22T00:00:00.000+00:00", "lang": "en", "value": "Disclosed"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T00:39:08.068Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3bb9520d-e679-4e8a-ae3c-8207f17d45a2?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2758766%40simple-banner&new=2758766%40simple-banner&sfp_email=&sfph_mail=", "tags": ["x_transferred"]}, {"url": "https://gist.github.com/Xib3rR4dAr/6aa9e730c1d030a5ee9f9d1eae6fbd5e", "tags": ["x_transferred"]}, {"url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2515", "tags": ["x_transferred"]}]}]}, "cveMetadata": {"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2022-2515", "datePublished": "2022-09-06T17:18:58", "dateReserved": "2022-07-22T00:00:00", "dateUpdated": "2024-08-03T00:39:08.068Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:simple_banner_project:simple_banner:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "D3ABAB26-E082-4B33-ACA9-710D8987D6DF", "versionEndExcluding": "2.12.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Simple Banner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `pro_version_activation_code` parameter in versions up to, and including, 2.11.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, including those without administrative capabilities when access is granted to those users, to inject arbitrary web scripts in page that will execute whenever a user role having access to \"Simple Banner\" accesses the plugin's settings."}, {"lang": "es", "value": "El plugin Simple Banner para WordPress es vulnerable a un ataque de tipo Cross-Site Scripting Almacenado por medio del par\u00e1metro \"pro_version_activation_code\" en versiones hasta 2.11.0 incluy\u00e9ndola, debido a un insuficiente saneo de la entrada y escape de la salida. Esto hace posible a atacantes autenticados, incluyendo aquellos sin capacidades administrativas cuando el acceso es concedido a esos usuarios, inyecten scripts web arbitrarios en la p\u00e1gina que es ejecutar\u00e1n cuando un rol de usuario que tenga acceso a \"Simple Banner\" acceda a la configuraci\u00f3n del plugin.\n"}], "id": "CVE-2022-2515", "lastModified": "2023-11-07T03:46:37.960", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2022-09-06T18:15:14.077", "references": [{"source": "security@wordfence.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://gist.github.com/Xib3rR4dAr/6aa9e730c1d030a5ee9f9d1eae6fbd5e"}, {"source": "security@wordfence.com", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2758766%40simple-banner&new=2758766%40simple-banner&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3bb9520d-e679-4e8a-ae3c-8207f17d45a2?source=cve"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2515"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}