Vulnerability Details : CVE-2020-35234
Public exploit exists!
The easy-wp-smtp plugin before 1.4.4 for WordPress allows Administrator account takeover, as exploited in the wild in December 2020. If an attacker can list the wp-content/plugins/easy-wp-smtp/ directory, then they can discover a log file (such as #############_debug_log.txt) that contains all password-reset links. The attacker can request a reset of the Administrator password and then use a link found there.
Products affected by CVE-2020-35234
- cpe:2.3:a:wp-ecommerce:easy_wp_smtp:*:*:*:*:*:wordpress:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-35234
72.50%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2020-35234
-
WordPress Easy WP SMTP Password Reset
Disclosure Date: 2020-12-06First seen: 2020-12-19auxiliary/scanner/http/wp_easy_wp_smtpWordpress plugin Easy WP SMTP versions <= 1.4.2 was found to not include index.html within its plugin folder. This potentially allows for directory listings. If debug mode is also enabled for the plugin, all SMTP commands are stored in a debug file. An email must hav
CVSS scores for CVE-2020-35234
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST | |
|
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2020-35234
-
The product writes sensitive information to a log file.Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-35234
-
https://blog.nintechnet.com/wordpress-easy-wp-smtp-plugin-fixed-zero-day-vulnerability/
WordPress Easy WP SMTP plugin fixed zero-day vulnerability. – NinTechNetExploit;Third Party Advisory
-
https://wordpress.org/plugins/easy-wp-smtp/#developers
Easy WP SMTP – WordPress plugin | WordPress.orgProduct;Release Notes;Third Party Advisory
Jump to