Vulnerability Details : CVE-2015-6828
The tweet_info function in class/__functions.php in the SecureMoz Security Audit plugin 1.0.5 and earlier for WordPress does not use an HTTPS session for downloading serialized data, which allows man-in-the-middle attackers to conduct PHP object injection attacks and execute arbitrary PHP code by modifying the client-server data stream. NOTE: some of these details are obtained from third party information.
Vulnerability category: Input validation
Exploit prediction scoring system (EPSS) score for CVE-2015-6828
Probability of exploitation activity in the next 30 days: 0.24%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 61 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2015-6828
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST |
CWE ids for CVE-2015-6828
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-6828
-
https://wpvulndb.com/vulnerabilities/8179
SecureMoz Security Audit <= 1.0.5 - MitM PHP Object InjectionThird Party Advisory
-
http://www.openwall.com/lists/oss-security/2015/09/05/4
oss-security - Some Wordpress Plugin StuffExploit;Mailing List;Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2015/09/06/3
oss-security - Re: Some Wordpress Plugin StuffExploit;Mailing List;Third Party Advisory
Products affected by CVE-2015-6828
- cpe:2.3:a:securemoz:security_audit:*:*:*:*:*:wordpress:*:*