CVE-2022-29451 - OpenCVE

Cross-Site Request Forgery (CSRF) leading to Arbitrary File Upload vulnerability in Rara One Click Demo Import plugin <= 1.2.9 on WordPress allows attackers to trick logged-in admin users into uploading dangerous files into /wp-content/uploads/ directory.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Rarathemes	Rara One Click Demo Import

Configuration 1 [-]

cpe:2.3:a:rarathemes:rara_one_click_demo_import:*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://patchstack.com/database/vulnerability/rara-one-click-demo-import/wordpress-rara-one-click-demo-import-plugin-1-2-9-cross-site-request-forgery-csrf-leads-to-arbitrary-file-upload-vulnerability
https://wordpress.org/plugins/rara-one-click-demo-import/#developers

History

No history.

MITRE

Status: PUBLISHED

Assigner: Patchstack

Published: 2022-04-29T16:58:13.542056Z

Updated: 2024-09-17T02:33:09.755Z

Reserved: 2022-04-18T00:00:00

Link: CVE-2022-29451

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-04-29T17:15:22.943

Modified: 2022-05-11T13:07:16.387

Link: CVE-2022-29451

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Rara One Click Demo Import (WordPress plugin)", "vendor": "Raratheme", "versions": [{"lessThanOrEqual": "1.2.9", "status": "affected", "version": "<= 1.2.9", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Vulnerability discovered by BEE-K (Patchstack)"}], "datePublic": "2022-04-21T00:00:00", "descriptions": [{"lang": "en", "value": "Cross-Site Request Forgery (CSRF) leading to Arbitrary File Upload vulnerability in Rara One Click Demo Import plugin <= 1.2.9 on WordPress allows attackers to trick logged-in admin users into uploading dangerous files into /wp-content/uploads/ directory."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-04-29T16:58:13", "orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://wordpress.org/plugins/rara-one-click-demo-import/#developers"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://patchstack.com/database/vulnerability/rara-one-click-demo-import/wordpress-rara-one-click-demo-import-plugin-1-2-9-cross-site-request-forgery-csrf-leads-to-arbitrary-file-upload-vulnerability"}], "solutions": [{"lang": "en", "value": "Deactivate and delete. No response from the vendor."}], "source": {"discovery": "EXTERNAL"}, "title": "WordPress Rara One Click Demo Import plugin <= 1.2.9 - Cross-Site Request Forgery (CSRF) leads to Arbitrary File Upload vulnerability", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "audit@patchstack.com", "DATE_PUBLIC": "2022-04-21T13:36:00.000Z", "ID": "CVE-2022-29451", "STATE": "PUBLIC", "TITLE": "WordPress Rara One Click Demo Import plugin <= 1.2.9 - Cross-Site Request Forgery (CSRF) leads to Arbitrary File Upload vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Rara One Click Demo Import (WordPress plugin)", "version": {"version_data": [{"version_affected": "<=", "version_name": "<= 1.2.9", "version_value": "1.2.9"}]}}]}, "vendor_name": "Raratheme"}]}}, "credit": [{"lang": "eng", "value": "Vulnerability discovered by BEE-K (Patchstack)"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-Site Request Forgery (CSRF) leading to Arbitrary File Upload vulnerability in Rara One Click Demo Import plugin <= 1.2.9 on WordPress allows attackers to trick logged-in admin users into uploading dangerous files into /wp-content/uploads/ directory."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-352 Cross-Site Request Forgery (CSRF)"}]}, {"description": [{"lang": "eng", "value": "CWE-434 Unrestricted Upload of File with Dangerous Type"}]}]}, "references": {"reference_data": [{"name": "https://wordpress.org/plugins/rara-one-click-demo-import/#developers", "refsource": "CONFIRM", "url": "https://wordpress.org/plugins/rara-one-click-demo-import/#developers"}, {"name": "https://patchstack.com/database/vulnerability/rara-one-click-demo-import/wordpress-rara-one-click-demo-import-plugin-1-2-9-cross-site-request-forgery-csrf-leads-to-arbitrary-file-upload-vulnerability", "refsource": "CONFIRM", "url": "https://patchstack.com/database/vulnerability/rara-one-click-demo-import/wordpress-rara-one-click-demo-import-plugin-1-2-9-cross-site-request-forgery-csrf-leads-to-arbitrary-file-upload-vulnerability"}]}, "solution": [{"lang": "en", "value": "Deactivate and delete. No response from the vendor."}], "source": {"discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T06:26:05.161Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://wordpress.org/plugins/rara-one-click-demo-import/#developers"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://patchstack.com/database/vulnerability/rara-one-click-demo-import/wordpress-rara-one-click-demo-import-plugin-1-2-9-cross-site-request-forgery-csrf-leads-to-arbitrary-file-upload-vulnerability"}]}]}, "cveMetadata": {"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "assignerShortName": "Patchstack", "cveId": "CVE-2022-29451", "datePublished": "2022-04-29T16:58:13.542056Z", "dateReserved": "2022-04-18T00:00:00", "dateUpdated": "2024-09-17T02:33:09.755Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rarathemes:rara_one_click_demo_import:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "9241A588-0A7F-4582-A7C7-C7C760C87C0A", "versionEndExcluding": "1.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-Site Request Forgery (CSRF) leading to Arbitrary File Upload vulnerability in Rara One Click Demo Import plugin <= 1.2.9 on WordPress allows attackers to trick logged-in admin users into uploading dangerous files into /wp-content/uploads/ directory."}, {"lang": "es", "value": "Una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF) conllevando a una vulnerabilidad de carga de archivos arbitraria en el plugin Rara One Click Demo Import versiones anteriores a 1.2.9 en WordPress, permite a atacantes enga\u00f1ar a los usuarios administradores con sesi\u00f3n iniciada para que suban archivos peligrosos al directorio /wp-content/uploads/"}], "id": "CVE-2022-29451", "lastModified": "2022-05-11T13:07:16.387", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "audit@patchstack.com", "type": "Secondary"}]}, "published": "2022-04-29T17:15:22.943", "references": [{"source": "audit@patchstack.com", "tags": ["Third Party Advisory"], "url": "https://patchstack.com/database/vulnerability/rara-one-click-demo-import/wordpress-rara-one-click-demo-import-plugin-1-2-9-cross-site-request-forgery-csrf-leads-to-arbitrary-file-upload-vulnerability"}, {"source": "audit@patchstack.com", "tags": ["Product", "Third Party Advisory"], "url": "https://wordpress.org/plugins/rara-one-click-demo-import/#developers"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}, {"lang": "en", "value": "CWE-434"}], "source": "audit@patchstack.com", "type": "Primary"}]}