CVE-2024-6026 - Vulnerability Details - OpenCVE

The Slider by 10Web WordPress plugin before 1.2.56 does not sanitise and escape some of its Slide options, which could allow authenticated users with access to the Sliders (by default Administrator, however this can be changed via the Slider by 10Web WordPress plugin before 1.2.56's options) and the ability to add images (Editor+) to perform Stored Cross-Site Scripting attacks

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable no

Technical Impact partial

Vendors	Products
10web	Slider

Configuration 1 [-]

cpe:2.3:a:10web:slider:*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://wpscan.com/vulnerability/01609d84-e9eb-46a9-b2cc-fe7e0c982984/

History

No history.

MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2024-07-11T06:00:04.304Z

Updated: 2024-08-01T21:25:03.207Z

Reserved: 2024-06-14T21:14:44.679Z

Link: CVE-2024-6026

Vulnrichment

Updated: 2024-07-11T14:07:46.387Z

NVD

Status : Modified

Published: 2024-07-11T06:15:02.987

Modified: 2024-11-21T09:48:47.260

Link: CVE-2024-6026

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-6026", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "state": "PUBLISHED", "assignerShortName": "WPScan", "dateReserved": "2024-06-14T21:14:44.679Z", "datePublished": "2024-07-11T06:00:04.304Z", "dateUpdated": "2024-08-01T21:25:03.207Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2024-07-11T06:00:04.304Z"}, "title": "Slider by 10Web < 1.2.56 - Editor+ Stored XSS", "problemTypes": [{"descriptions": [{"description": "CWE-79 Cross-Site Scripting (XSS)", "lang": "en", "type": "CWE"}]}], "affected": [{"vendor": "Unknown", "product": "Slider by 10Web ", "versions": [{"status": "affected", "versionType": "semver", "version": "0", "lessThan": "1.2.56"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Slider by 10Web WordPress plugin before 1.2.56 does not sanitise and escape some of its Slide options, which could allow authenticated users with access to the Sliders (by default Administrator, however this can be changed via the Slider by 10Web WordPress plugin before 1.2.56's options) and the ability to add images (Editor+) to perform Stored Cross-Site Scripting attacks"}], "references": [{"url": "https://wpscan.com/vulnerability/01609d84-e9eb-46a9-b2cc-fe7e0c982984/", "tags": ["exploit", "vdb-entry", "technical-description"]}], "credits": [{"lang": "en", "value": "Dmitrii Ignatyev", "type": "finder"}, {"lang": "en", "value": "WPScan", "type": "coordinator"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "WPScan CVE Generator"}}, "adp": [{"affected": [{"vendor": "10web", "product": "slider", "cpes": ["cpe:2.3:a:10web:slider:*:*:*:*:*:wordpress:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "1.2.56", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-07-11T14:05:56.301194Z", "id": "CVE-2024-6026", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-11T14:07:51.087Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:25:03.207Z"}, "title": "CVE Program Container", "references": [{"url": "https://wpscan.com/vulnerability/01609d84-e9eb-46a9-b2cc-fe7e0c982984/", "tags": ["exploit", "vdb-entry", "technical-description", "x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-6026", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-11T14:05:56.301194Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:10web:slider:*:*:*:*:*:wordpress:*:*"], "vendor": "10web", "product": "slider", "versions": [{"status": "affected", "version": "0", "lessThan": "1.2.56", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-11T14:07:46.387Z"}}], "cna": {"title": "Slider by 10Web < 1.2.56 - Editor+ Stored XSS", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Dmitrii Ignatyev"}, {"lang": "en", "type": "coordinator", "value": "WPScan"}], "affected": [{"vendor": "Unknown", "product": "Slider by 10Web ", "versions": [{"status": "affected", "version": "0", "lessThan": "1.2.56", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://wpscan.com/vulnerability/01609d84-e9eb-46a9-b2cc-fe7e0c982984/", "tags": ["exploit", "vdb-entry", "technical-description"]}], "x_generator": {"engine": "WPScan CVE Generator"}, "descriptions": [{"lang": "en", "value": "The Slider by 10Web WordPress plugin before 1.2.56 does not sanitise and escape some of its Slide options, which could allow authenticated users with access to the Sliders (by default Administrator, however this can be changed via the Slider by 10Web WordPress plugin before 1.2.56's options) and the ability to add images (Editor+) to perform Stored Cross-Site Scripting attacks"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-79 Cross-Site Scripting (XSS)"}]}], "providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2024-07-11T06:00:04.304Z"}}}, "cveMetadata": {"cveId": "CVE-2024-6026", "state": "PUBLISHED", "dateUpdated": "2024-07-11T14:07:51.087Z", "dateReserved": "2024-06-14T21:14:44.679Z", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "datePublished": "2024-07-11T06:00:04.304Z", "assignerShortName": "WPScan"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:10web:slider:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "6A816980-6FF3-4583-A32E-DF300BE675F9", "versionEndExcluding": "1.2.56", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Slider by 10Web WordPress plugin before 1.2.56 does not sanitise and escape some of its Slide options, which could allow authenticated users with access to the Sliders (by default Administrator, however this can be changed via the Slider by 10Web WordPress plugin before 1.2.56's options) and the ability to add images (Editor+) to perform Stored Cross-Site Scripting attacks"}, {"lang": "es", "value": " El complemento Slider by 10Web para WordPress anterior a 1.2.56 no sanitiza ni escapa a algunas de sus opciones de diapositivas, lo que podr\u00eda permitir a los usuarios autenticados acceder a los Sliders (de forma predeterminada, Administrador, sin embargo, esto se puede cambiar a trav\u00e9s del complemento Slider by 10Web WordPress anterior a 1.2 .56) y la capacidad de agregar im\u00e1genes (Editor+) para realizar ataques de Cross Site Scripting almacenado"}], "id": "CVE-2024-6026", "lastModified": "2024-11-21T09:48:47.260", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-07-11T06:15:02.987", "references": [{"source": "contact@wpscan.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/01609d84-e9eb-46a9-b2cc-fe7e0c982984/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/01609d84-e9eb-46a9-b2cc-fe7e0c982984/"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}