Lucene search

WPScanCVELIST:CVE-2021-24190

HistoryMay 14, 2021 - 11:38 a.m.

CVE-2021-24190 WooCommerce Conditional Marketing Mailer < 1.5.2 - Arbitrary Plugin Installation/Activation via Low Privilege User

2021-05-1411:38:16

CWE-285

WPScan

www.cve.org

woocommerce

conditional marketing mailer

plugin installation

low privilege

wordpress

vulnerability

rce

AI Score

8.8

Confidence

High

EPSS

0.001

Percentile

44.7%

JSON

Low privileged users can use the AJAX action ‘cp_plugins_do_button_job_later_callback’ in the WooCommerce Conditional Marketing Mailer WordPress plugin before 1.5.2, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE.

CNA Affected

[
  {
    "product": "WooCommerce Conditional Marketing Mailer",
    "vendor": "wp-buy",
    "versions": [
      {
        "lessThan": "1.5.2",
        "status": "affected",
        "version": "1.5.2",
        "versionType": "custom"
      }
    ]
  }
]

References

wpscan.com/vulnerability/74889e29-5349-43d1-baf5-1622493be90c