{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2018-25095", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "state": "PUBLISHED", "assignerShortName": "WPScan", "dateReserved": "2023-12-15T15:47:20.064Z", "datePublished": "2024-01-08T19:00:33.155Z", "dateUpdated": "2024-08-05T12:33:47.807Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2024-01-08T19:00:33.155Z"}, "title": "Duplicator < 1.3.0 - Unauthenticated RCE", "problemTypes": [{"descriptions": [{"description": "CWE-94 Improper Control of Generation of Code ('Code Injection')", "lang": "en", "type": "CWE"}]}], "affected": [{"vendor": "Unknown", "product": "Duplicator", "versions": [{"status": "affected", "versionType": "semver", "version": "0", "lessThan": "1.3.0"}], "defaultStatus": "unaffected", "collectionURL": "https://wordpress.org/plugins"}], "descriptions": [{"lang": "en", "value": "The Duplicator WordPress plugin before 1.3.0 does not properly escape values when its installer script replaces values in WordPress configuration files. If this installer script is left on the site after use, it could be use to run arbitrary code on the server."}], "references": [{"url": "https://wpscan.com/vulnerability/16cc47aa-cb31-4114-b014-7ac5fbc1d3ee", "tags": ["exploit", "vdb-entry", "technical-description"]}], "credits": [{"lang": "en", "value": "Jeremy Lim", "type": "finder"}, {"lang": "en", "value": "WPScan", "type": "coordinator"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "WPScan CVE Generator"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T12:33:47.807Z"}, "title": "CVE Program Container", "references": [{"url": "https://wpscan.com/vulnerability/16cc47aa-cb31-4114-b014-7ac5fbc1d3ee", "tags": ["exploit", "vdb-entry", "technical-description", "x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:snapcreek:duplicator:*:*:*:*:lite:wordpress:*:*", "matchCriteriaId": "752DF250-06AD-4C5F-9B45-7E931FD0176A", "versionEndExcluding": "1.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Duplicator WordPress plugin before 1.3.0 does not properly escape values when its installer script replaces values in WordPress configuration files. If this installer script is left on the site after use, it could be use to run arbitrary code on the server."}, {"lang": "es", "value": "El complemento Duplicator de WordPress anterior a 1.3.0 no escapa correctamente de los valores cuando su script de instalaci\u00f3n reemplaza los valores en los archivos de configuraci\u00f3n de WordPress. Si este script de instalaci\u00f3n se deja en el sitio despu\u00e9s de su uso, podr\u00eda usarse para ejecutar c\u00f3digo arbitrario en el servidor."}], "id": "CVE-2018-25095", "lastModified": "2024-11-21T04:03:32.950", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-01-08T19:15:08.377", "references": [{"source": "contact@wpscan.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/16cc47aa-cb31-4114-b014-7ac5fbc1d3ee"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/16cc47aa-cb31-4114-b014-7ac5fbc1d3ee"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}