WordPress Plugin Vulnerabilities

WP HTML Mail < 3.1 - Unprotected REST-API Endpoint

Description

The plugin is vulnerable to setting changes and stored cross-site scripting due to misconfigured authorization controls on the /themesettings REST API endpoint.

Affects Plugins

Plugin icon
wp-html-mail
Fixed in 3.1

References

CVE
CVE-2022-0218
URL
https://www.wordfence.com/blog/2022/01/unauthenticated-xss-vulnerability-patched-in-html-email-template-designer-plugin/

Classification

Type
ACCESS CONTROLS
OWASP top 10
A5: Broken Access Control
CWE
CWE-284
CVSS
6.4 (medium)

Miscellaneous

Original Researcher
Chloe Chamberland
Submitter
Chloe Chamberland
Submitter website
https://wordfence.com
Submitter twitter
infosecchloe
Verified
Yes
WPVDB ID
77b9763c-cd91-4cb7-bca5-87c3d1373864

Timeline

Publicly Published
2022-01-19 (about 2 years ago)
Added
2022-01-19 (about 2 years ago)
Last Updated
2022-04-10 (about 2 years ago)

Other

Published
Title
Published
2024-02-19
Title
Schema & Structured Data for WP & AMP < 1.27 - Contributor+ reCaptcha Key Update
Published
2021-10-20
Title
Sassy Social Share 3.3.23 - Missing Access Controls to PHP Object Injection
Published
2022-03-28
Title
Shopping Cart & eCommerce Store < 5.2.5 - Arbitrary Design Settings Update via CSRF
Published
2021-09-22
Title
WooCommerce < 5.7.0 & WooCommerce Admin < 2.6.4 - Analytics Report Leaks
Published
2021-04-20
Title
Redirection for Contact Form 7 < 2.3.4 - Authenticated Arbitrary Post Deletion