CVE-2020-36716

The WP Activity Log plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the setup_page function in versions up to, and including, 4.0.1. This makes it possible for unauthenticated attackers to run the setup wizard (if it has not been run previously) and access plugin configuration options.

CVSS v3 7.3 HIGH

7.3^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://blog.nintechnet.com/vulnerabilities-fixed-in-wordpress-wp-security-audit-log-plugin/	Exploit
https://plugins.trac.wordpress.org/changeset/2252006	Patch
https://www.wordfence.com/threat-intel/vulnerabilities/id/9d0a8be3-6630-4cf7-b6cb-cdc86b99acb3?source=cve	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:wpwhitesecurity:wp_activity_log:*:*:*:*:*:wordpress:*:*

History

No history.

Information

Published : 2023-06-07 02:15

Updated : 2023-11-07 03:22

NVD link : CVE-2020-36716

Mitre link : CVE-2020-36716

CVE.ORG link : CVE-2020-36716

JSON object : View

Products Affected

wpwhitesecurity

wp_activity_log

CWE

CWE-862

Missing Authorization

{"id": "CVE-2020-36716", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "security@wordfence.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 3.9}]}, "published": "2023-06-07T02:15:11.987", "references": [{"url": "https://blog.nintechnet.com/vulnerabilities-fixed-in-wordpress-wp-security-audit-log-plugin/", "tags": ["Exploit"], "source": "security@wordfence.com"}, {"url": "https://plugins.trac.wordpress.org/changeset/2252006", "tags": ["Patch"], "source": "security@wordfence.com"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9d0a8be3-6630-4cf7-b6cb-cdc86b99acb3?source=cve", "tags": ["Third Party Advisory"], "source": "security@wordfence.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "The WP Activity Log plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the setup_page function in versions up to, and including, 4.0.1. This makes it possible for unauthenticated attackers to run the setup wizard (if it has not been run previously) and access plugin configuration options."}], "lastModified": "2023-11-07T03:22:29.020", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:wpwhitesecurity:wp_activity_log:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "52B6B5CE-E007-4EC5-BFD4-408565679A69", "versionEndIncluding": "4.0.1"}], "operator": "OR"}]}], "sourceIdentifier": "security@wordfence.com"}