CVE-2021-24500 : Several AJAX actions available in the Workreap WordPress theme before 2.2.2 lack

Several AJAX actions available in the Workreap WordPress theme before 2.2.2 lacked CSRF protections, as well as allowing insecure direct object references that were not validated. This allows an attacker to trick a logged in user to submit a POST request to the vulnerable site, potentially modifying or deleting arbitrary objects on the target site.

Published 2021-08-09 10:15:07

Updated 2022-10-25 16:02:18

Source WPScan

View at NVD, CVE.org

Vulnerability category: Cross-site request forgery (CSRF)BypassGain privilege

Products affected by CVE-2021-24500

Amentotech » Workreap » For Wordpress
Versions before (<) 2.2.2
cpe:2.3:a:amentotech:workreap:*:*:*:*:*:wordpress:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2021-24500

EPSS FAQ

0.30%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 50 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-24500

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.8	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:P	8.6	4.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: Partial
8.1	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H	2.8	5.2	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: None Integrity: High Availability: High

CWE ids for CVE-2021-24500

CWE-283 Unverified Ownership

The product does not properly verify that a critical resource is owned by the proper entity.

Assigned by: contact@wpscan.com (Secondary)
CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

Assigned by: contact@wpscan.com (Secondary)
CWE-352 Cross-Site Request Forgery (CSRF)

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

Assigned by: nvd@nist.gov (Primary)
CWE-862 Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Assigned by: contact@wpscan.com (Secondary)

References for CVE-2021-24500

https://wpscan.com/vulnerability/0c4b5ecc-54d0-45ec-9f92-b2ca3cadbe56

Attention Required! | Cloudflare
Exploit;Third Party Advisory
https://jetpack.com/2021/07/07/multiple-vulnerabilities-in-workreap-theme/

Multiple vulnerabilities in Workreap theme by Amentotech
Exploit;Third Party Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2021-24500

Products affected by CVE-2021-24500

Exploit prediction scoring system (EPSS) score for CVE-2021-24500

CVSS scores for CVE-2021-24500

CWE ids for CVE-2021-24500

References for CVE-2021-24500