Vulnerability Details : CVE-2020-36708
The following WordPress themes are vulnerable to function injection in the listed versions: Shapely <= 1.2.7, NewsMag <= 2.4.1, Activello <= 1.4.0, Illdy <= 2.1.4, Allegiant <= 1.2.2, Newspaper X <= 1.3.1, Pixova Lite <= 2.0.5, Brilliance <= 1.2.7, MedZone Lite <= 1.2.4, Regina Lite <= 2.0.4, Transcend <= 1.1.8, Affluent <= 1.1.0, Bonkers <= 1.0.4, Antreas <= 1.0.2, Sparkling <= 2.4.8, and NatureMag Lite <= 1.0.4. The vulnerability is due to epsilon_framework_ajax_action. It makes it possible for unauthenticated attackers to call functions and achieve remote code execution.
Vulnerability category: Execute code
Products affected by CVE-2020-36708
- cpe:2.3:a:machothemes:newsmag:*:*:*:*:*:wordpress:*:*
- cpe:2.3:a:machothemes:regina_lite:*:*:*:*:*:wordpress:*:*
- cpe:2.3:a:machothemes:naturemag_lite:*:*:*:*:*:wordpress:*:*
- cpe:2.3:a:machothemes:antreas:*:*:*:*:*:wordpress:*:*
- cpe:2.3:a:machothemes:medzone_lite:*:*:*:*:*:wordpress:*:*
- cpe:2.3:a:colorlib:activello:*:*:*:*:*:wordpress:*:*
- cpe:2.3:a:colorlib:bonkers:*:*:*:*:*:wordpress:*:*
- cpe:2.3:a:colorlib:pixova_lite:*:*:*:*:*:wordpress:*:*
- cpe:2.3:a:colorlib:newspaper_x:*:*:*:*:*:wordpress:*:*
- cpe:2.3:a:colorlib:illdy:*:*:*:*:*:wordpress:*:*
- cpe:2.3:a:colorlib:shapely:*:*:*:*:*:wordpress:*:*
- cpe:2.3:a:colorlib:sparklinkg:*:*:*:*:*:wordpress:*:*
- cpe:2.3:a:cpothemes:affluent:*:*:*:*:*:wordpress:*:*
- cpe:2.3:a:cpothemes:transcend:*:*:*:*:*:wordpress:*:*
- cpe:2.3:a:cpothemes:brilliance:*:*:*:*:*:wordpress:*:*
- cpe:2.3:a:cpothemes:allegiant:*:*:*:*:*:wordpress:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-36708
- EPSS score: 4.79% (probability of exploitation activity in the next 30 days)
- Percentile: ~93% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2020-36708
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST | |
9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | Wordfence | |
CWE ids for CVE-2020-36708
- The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. Assigned by: nvd@nist.gov (Primary), security@wordfence.com (Secondary)
References for CVE-2020-36708
- https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/
  Large-Scale Attacks Target Epsilon Framework Themes (Third Party Advisory)
- https://wpscan.com/vulnerability/bec52a5b-c892-4763-a962-05da7100eca5
  (Third Party Advisory)
- https://blog.nintechnet.com/unauthenticated-function-injection-vulnerability-fixed-in-15-wordpress-themes/
  Unauthenticated function injection vulnerability fixed in 15 WordPress themes. – NinTechNet (Exploit; Third Party Advisory)
- https://blog.nintechnet.com/unauthenticated-function-injection-vulnerability-in-wordpress-sparkling-theme/
  Unauthenticated function injection vulnerability in WordPress Sparkling theme. – NinTechNet (Exploit; Third Party Advisory)
- https://www.wordfence.com/threat-intel/vulnerabilities/id/5b75c322-539d-44e9-8f26-5ff929874b67?source=cve
  Epsilon Framework Themes (Various Versions) - Function Injection (Third Party Advisory)