WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Multiple Plugins from Cool Plugins - Subscriber+ Arbitrary Plugin Installation & Activation

Description

Multiple plugins from the Cool Plugins vendor are missing capability and proper CSRF check in the cool_plugins_install and cool_plugins_activate  AJAX actions, available to any authenticated users, allowing them to install and activate arbitrary plugins via an archive hosted on a remote server they control

Affects Plugins

template-events-calendar
Fixed in version 2.0
cryptocurrency-price-ticker-widget
Fixed in version 2.5
cryptocurrency-donation-box
Fixed in version 1.8
events-widgets-for-elementor-and-the-events-calendar
Fixed in version 1.5
event-page-templates-addon-for-the-events-calendar
Fixed in version 1.6
events-search-addon-for-the-events-calendar
Fixed in version 1.2
countdown-for-the-events-calendar
Fixed in version 1.4
cryptocurrency-widgets-for-elementor
Fixed in version 1.3
cool-timeline
Fixed in version 2.4

References

URL
https://blog.nintechnet.com/8-wordpress-plugins-fixed-high-severity-vulnerability/

Classification

Type

RCE

OWASP top 10
A1: Injection
CWE
CWE-94

Miscellaneous

Original Researcher

Jerome Bruandet (nintechnet)

Verified

Yes

WPVDB ID
b62a26a6-cea0-46a7-b577-ba8d476ec1b5

Timeline

Publicly Published

2022-04-12 (about 5 months ago)

Added

2022-04-12 (about 5 months ago)

Last Updated

2022-04-13 (about 5 months ago)

Our Other Services

WPScan WordPress Security Plugin