Vulnerability Details : CVE-2019-25142
Potential exploit
The Mesmerize & Materialis themes for WordPress are vulnerable to authenticated options change in versions up to, and including,1.6.89 (Mesmerize) and 1.0.172 (Materialis). This is due to 'companion_disable_popup' function only checking the nonce while sending user input to the 'update_option' function. This makes it possible for authenticated attackers to change otherwise restricted options.
Products affected by CVE-2019-25142
- cpe:2.3:a:extendthemes:materialis:*:*:*:*:*:wordpress:*:*
- cpe:2.3:a:extendthemes:mesmerize:*:*:*:*:*:wordpress:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-25142
0.45%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 75 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-25142
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
8.8
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST | |
8.8
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
Wordfence |
CWE ids for CVE-2019-25142
-
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.Assigned by:
- nvd@nist.gov (Primary)
- security@wordfence.com (Secondary)
References for CVE-2019-25142
-
https://blog.nintechnet.com/wordpress-mesmerize-and-materialis-themes-fixed-an-authenticated-options-change-vulnerability/
WordPress Mesmerize and Materialis themes fixed an authenticated options change vulnerability. – NinTechNetExploit;Technical Description;Third Party Advisory
-
https://www.wordfence.com/threat-intel/vulnerabilities/id/8c9c3302-47cd-4dbe-b79e-5e6032928074?source=cve
Mesmerize <= 1.6.89 & Materialis <= 1.0.172 - Authenticated Arbitrary Options UpdatePatch;Third Party Advisory
-
https://wpscan.com/vulnerability/e4d70f03-69d5-4cca-8300-985f68d19ddc
Just a moment...Third Party Advisory
-
https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=121290%40materialis&new=121290%40materialis&sfp_email=&sfph_mail=
Changeset 121290 for materialis – WordPress ThemesPatch;Release Notes
-
https://wordpress.org/themes/mesmerize/
Mesmerize - WordPress theme | WordPress.orgProduct
-
https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=121291%40mesmerize&new=121291%40mesmerize&sfp_email=&sfph_mail=
Changeset 121291 for mesmerize – WordPress ThemesPatch;Release Notes
-
https://wordpress.org/themes/materialis/
Materialis - WordPress theme | WordPress.orgProduct
Jump to