Vulnerabilites related to era404 - stafflist
cve-2022-1556
Vulnerability from cvelistv5
Published
2022-05-30 08:35
Modified
2024-08-03 00:10
Severity ?
EPSS score ?
Summary
The StaffList WordPress plugin before 3.1.5 does not properly sanitise and escape a parameter before using it in a SQL statement when searching for Staff in the admin dashboard, leading to an SQL Injection
References
| ▼ | URL | Tags |
|---|---|---|
| https://wpscan.com/vulnerability/04890549-6bd1-44dd-8bce-7125c01be5d4 | x_refsource_MISC | |
| https://packetstormsecurity.com/files/166918/ | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T00:10:03.475Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wpscan.com/vulnerability/04890549-6bd1-44dd-8bce-7125c01be5d4", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://packetstormsecurity.com/files/166918/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "StaffList", vendor: "Unknown", versions: [ { lessThan: "3.1.5", status: "affected", version: "3.1.5", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Hassan Khan Yusufzai", }, ], descriptions: [ { lang: "en", value: "The StaffList WordPress plugin before 3.1.5 does not properly sanitise and escape a parameter before using it in a SQL statement when searching for Staff in the admin dashboard, leading to an SQL Injection", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-89", description: "CWE-89 SQL Injection", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-30T08:35:52", orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", shortName: "WPScan", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wpscan.com/vulnerability/04890549-6bd1-44dd-8bce-7125c01be5d4", }, { tags: [ "x_refsource_MISC", ], url: "https://packetstormsecurity.com/files/166918/", }, ], source: { discovery: "EXTERNAL", }, title: "StaffList < 3.1.5 - Admin+ SQLi", x_generator: "WPScan CVE Generator", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "contact@wpscan.com", ID: "CVE-2022-1556", STATE: "PUBLIC", TITLE: "StaffList < 3.1.5 - Admin+ SQLi", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "StaffList", version: { version_data: [ { version_affected: "<", version_name: "3.1.5", version_value: "3.1.5", }, ], }, }, ], }, vendor_name: "Unknown", }, ], }, }, credit: [ { lang: "eng", value: "Hassan Khan Yusufzai", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The StaffList WordPress plugin before 3.1.5 does not properly sanitise and escape a parameter before using it in a SQL statement when searching for Staff in the admin dashboard, leading to an SQL Injection", }, ], }, generator: "WPScan CVE Generator", problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-89 SQL Injection", }, ], }, ], }, references: { reference_data: [ { name: "https://wpscan.com/vulnerability/04890549-6bd1-44dd-8bce-7125c01be5d4", refsource: "MISC", url: "https://wpscan.com/vulnerability/04890549-6bd1-44dd-8bce-7125c01be5d4", }, { name: "https://packetstormsecurity.com/files/166918/", refsource: "MISC", url: "https://packetstormsecurity.com/files/166918/", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", assignerShortName: "WPScan", cveId: "CVE-2022-1556", datePublished: "2022-05-30T08:35:52", dateReserved: "2022-05-03T00:00:00", dateUpdated: "2024-08-03T00:10:03.475Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-13749
Vulnerability from cvelistv5
Published
2025-02-12 03:21
Modified
2025-02-12 15:15
Severity ?
EPSS score ?
Summary
The StaffList plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.3. This is due to missing or incorrect nonce validation on the 'stafflist' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
References
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-13749", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-12T15:15:31.123771Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-12T15:15:39.499Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "StaffList", vendor: "era404", versions: [ { lessThanOrEqual: "3.2.3", status: "affected", version: "*", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Colin Xu", }, ], descriptions: [ { lang: "en", value: "The StaffList plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.3. This is due to missing or incorrect nonce validation on the 'stafflist' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.", }, ], metrics: [ { cvssV3_1: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-12T03:21:39.225Z", orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", shortName: "Wordfence", }, references: [ { url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/b8da640d-8965-45bb-be68-57d4eb598759?source=cve", }, { url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3232922%40stafflist&new=3232922%40stafflist&sfp_email=&sfph_mail=", }, ], timeline: [ { lang: "en", time: "2025-02-11T00:00:00.000+00:00", value: "Disclosed", }, ], title: "StaffList <= 3.2.3 - Cross-Site Request Forgery to Reflected Cross-Site Scripting", }, }, cveMetadata: { assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", assignerShortName: "Wordfence", cveId: "CVE-2024-13749", datePublished: "2025-02-12T03:21:39.225Z", dateReserved: "2025-01-27T21:43:34.474Z", dateUpdated: "2025-02-12T15:15:39.499Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2025-02-12 04:15
Modified
2025-02-25 03:54
Severity ?
Summary
The StaffList plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.3. This is due to missing or incorrect nonce validation on the 'stafflist' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:era404:stafflist:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "ECCF43F0-E07E-40C5-946D-207C0103109E", versionEndExcluding: "3.2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The StaffList plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.3. This is due to missing or incorrect nonce validation on the 'stafflist' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.", }, { lang: "es", value: "El complemento StaffList para WordPress es vulnerable a Cross-Site Request Forgery en todas las versiones hasta la 3.2.3 y incluida. Esto se debe a una validación de nonce incorrecta o faltante en la página 'stafflist'. Esto hace posible que atacantes no autenticados actualicen configuraciones e inyecten contenido web malicioso scripts a través de una solicitud falsificada, siempre que puedan engañar al administrador del sitio para que realice una acción como hacer clic en un enlace.", }, ], id: "CVE-2024-13749", lastModified: "2025-02-25T03:54:36.293", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "security@wordfence.com", type: "Primary", }, ], }, published: "2025-02-12T04:15:09.793", references: [ { source: "security@wordfence.com", tags: [ "Patch", ], url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3232922%40stafflist&new=3232922%40stafflist&sfp_email=&sfph_mail=", }, { source: "security@wordfence.com", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/b8da640d-8965-45bb-be68-57d4eb598759?source=cve", }, ], sourceIdentifier: "security@wordfence.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "security@wordfence.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-05-30 09:15
Modified
2024-11-21 06:40
Severity ?
Summary
The StaffList WordPress plugin before 3.1.5 does not properly sanitise and escape a parameter before using it in a SQL statement when searching for Staff in the admin dashboard, leading to an SQL Injection
References
| ▼ | URL | Tags | |
|---|---|---|---|
| contact@wpscan.com | https://packetstormsecurity.com/files/166918/ | Exploit, Third Party Advisory, VDB Entry | |
| contact@wpscan.com | https://wpscan.com/vulnerability/04890549-6bd1-44dd-8bce-7125c01be5d4 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://packetstormsecurity.com/files/166918/ | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/04890549-6bd1-44dd-8bce-7125c01be5d4 | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:era404:stafflist:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "518E1654-3116-44FB-B349-E2ED8B771C11", versionEndExcluding: "3.1.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The StaffList WordPress plugin before 3.1.5 does not properly sanitise and escape a parameter before using it in a SQL statement when searching for Staff in the admin dashboard, leading to an SQL Injection", }, { lang: "es", value: "El plugin StaffList de WordPress versiones anteriores a 3.1.5, no sanea y escapa de un parámetro antes de usarlo en una sentencia SQL cuando es buscado personal en el panel de administración, conllevando una inyección SQL", }, ], id: "CVE-2022-1556", lastModified: "2024-11-21T06:40:57.730", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-05-30T09:15:09.587", references: [ { source: "contact@wpscan.com", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://packetstormsecurity.com/files/166918/", }, { source: "contact@wpscan.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/04890549-6bd1-44dd-8bce-7125c01be5d4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://packetstormsecurity.com/files/166918/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/04890549-6bd1-44dd-8bce-7125c01be5d4", }, ], sourceIdentifier: "contact@wpscan.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-89", }, ], source: "contact@wpscan.com", type: "Primary", }, ], }