CVE-2022-2939 - Vulnerability Details - OpenCVE

The WP Cerber Security plugin for WordPress is vulnerable to security protection bypass in versions up to, and including 9.0, that makes user enumeration possible. This is due to improper validation on the value supplied through the 'author' parameter found in the ~/cerber-load.php file. In vulnerable versions, the plugin only blocks requests if the value supplied is numeric, making it possible for attackers to supply additional non-numeric characters to bypass the protection. The non-numeric characters are stripped and the user requested is displayed. This can be used by unauthenticated attackers to gather information about users that can targeted in further attacks.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Cerber	Wp Cerber Security\, Anti-spam \& Malware Scan

Configuration 1 [-]

cpe:2.3:a:cerber:wp_cerber_security\,_anti-spam_\&_malware_scan:*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://plugins.trac.wordpress.org/changeset/2772930/wp-cerber/trunk/cerber-load.php
https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2939

History

Fri, 07 Feb 2025 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2022-09-06T17:19:01.000Z

Updated: 2025-02-07T20:47:15.208Z

Reserved: 2022-08-22T00:00:00.000Z

Link: CVE-2022-2939

Vulnrichment

Updated: 2024-08-03T00:52:59.815Z

NVD

Status : Modified

Published: 2022-09-06T18:15:15.143

Modified: 2024-11-21T07:01:57.593

Link: CVE-2022-2939

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "WP Cerber Security, Anti-spam & Malware Scan", "vendor": "gioni", "versions": [{"lessThanOrEqual": "9.0", "status": "affected", "version": "9.0", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Margaux DABERT (Intrinsec)"}], "descriptions": [{"lang": "en", "value": "The WP Cerber Security plugin for WordPress is vulnerable to security protection bypass in versions up to, and including 9.0, that makes user enumeration possible. This is due to improper validation on the value supplied through the 'author' parameter found in the ~/cerber-load.php file. In vulnerable versions, the plugin only blocks requests if the value supplied is numeric, making it possible for attackers to supply additional non-numeric characters to bypass the protection. The non-numeric characters are stripped and the user requested is displayed. This can be used by unauthenticated attackers to gather information about users that can targeted in further attacks."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200 Information Exposure", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-09-06T17:19:01.000Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2939"}, {"tags": ["x_refsource_MISC"], "url": "https://plugins.trac.wordpress.org/changeset/2772930/wp-cerber/trunk/cerber-load.php"}], "source": {"discovery": "EXTERNAL"}, "title": "WP Cerber Security <= 9.0 - User Enumeration Bypass", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"AKA": "Wordfence", "ASSIGNER": "security@wordfence.com", "ID": "CVE-2022-2939", "STATE": "PUBLIC", "TITLE": "WP Cerber Security <= 9.0 - User Enumeration Bypass"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "WP Cerber Security, Anti-spam & Malware Scan", "version": {"version_data": [{"version_affected": "<=", "version_name": "9.0", "version_value": "9.0"}]}}]}, "vendor_name": "gioni"}]}}, "credit": [{"lang": "eng", "value": "Margaux DABERT (Intrinsec)"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The WP Cerber Security plugin for WordPress is vulnerable to security protection bypass in versions up to, and including 9.0, that makes user enumeration possible. This is due to improper validation on the value supplied through the 'author' parameter found in the ~/cerber-load.php file. In vulnerable versions, the plugin only blocks requests if the value supplied is numeric, making it possible for attackers to supply additional non-numeric characters to bypass the protection. The non-numeric characters are stripped and the user requested is displayed. This can be used by unauthenticated attackers to gather information about users that can targeted in further attacks."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-200 Information Exposure"}]}]}, "references": {"reference_data": [{"name": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2939", "refsource": "MISC", "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2939"}, {"name": "https://plugins.trac.wordpress.org/changeset/2772930/wp-cerber/trunk/cerber-load.php", "refsource": "MISC", "url": "https://plugins.trac.wordpress.org/changeset/2772930/wp-cerber/trunk/cerber-load.php"}]}, "source": {"discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T00:52:59.815Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2939"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://plugins.trac.wordpress.org/changeset/2772930/wp-cerber/trunk/cerber-load.php"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-07T20:47:11.071105Z", "id": "CVE-2022-2939", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-07T20:47:15.208Z"}}]}, "cveMetadata": {"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2022-2939", "datePublished": "2022-09-06T17:19:01.000Z", "dateReserved": "2022-08-22T00:00:00.000Z", "dateUpdated": "2025-02-07T20:47:15.208Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2939", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset/2772930/wp-cerber/trunk/cerber-load.php", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T00:52:59.815Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-2939", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-02-07T20:47:11.071105Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-07T20:47:06.742Z"}}], "cna": {"title": "WP Cerber Security <= 9.0 - User Enumeration Bypass", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "value": "Margaux DABERT (Intrinsec)"}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "gioni", "product": "WP Cerber Security, Anti-spam & Malware Scan", "versions": [{"status": "affected", "version": "9.0", "versionType": "custom", "lessThanOrEqual": "9.0"}]}], "references": [{"url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2939", "tags": ["x_refsource_MISC"]}, {"url": "https://plugins.trac.wordpress.org/changeset/2772930/wp-cerber/trunk/cerber-load.php", "tags": ["x_refsource_MISC"]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "descriptions": [{"lang": "en", "value": "The WP Cerber Security plugin for WordPress is vulnerable to security protection bypass in versions up to, and including 9.0, that makes user enumeration possible. This is due to improper validation on the value supplied through the 'author' parameter found in the ~/cerber-load.php file. In vulnerable versions, the plugin only blocks requests if the value supplied is numeric, making it possible for attackers to supply additional non-numeric characters to bypass the protection. The non-numeric characters are stripped and the user requested is displayed. This can be used by unauthenticated attackers to gather information about users that can targeted in further attacks."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200 Information Exposure"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2022-09-06T17:19:01.000Z"}, "x_legacyV4Record": {"credit": [{"lang": "eng", "value": "Margaux DABERT (Intrinsec)"}], "impact": {"cvss": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, "source": {"discovery": "EXTERNAL"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_name": "9.0", "version_value": "9.0", "version_affected": "<="}]}, "product_name": "WP Cerber Security, Anti-spam & Malware Scan"}]}, "vendor_name": "gioni"}]}}, "data_type": "CVE", "generator": {"engine": "Vulnogram 0.0.9"}, "references": {"reference_data": [{"url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2939", "name": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2939", "refsource": "MISC"}, {"url": "https://plugins.trac.wordpress.org/changeset/2772930/wp-cerber/trunk/cerber-load.php", "name": "https://plugins.trac.wordpress.org/changeset/2772930/wp-cerber/trunk/cerber-load.php", "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "The WP Cerber Security plugin for WordPress is vulnerable to security protection bypass in versions up to, and including 9.0, that makes user enumeration possible. This is due to improper validation on the value supplied through the 'author' parameter found in the ~/cerber-load.php file. In vulnerable versions, the plugin only blocks requests if the value supplied is numeric, making it possible for attackers to supply additional non-numeric characters to bypass the protection. The non-numeric characters are stripped and the user requested is displayed. This can be used by unauthenticated attackers to gather information about users that can targeted in further attacks."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-200 Information Exposure"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-2939", "AKA": "Wordfence", "STATE": "PUBLIC", "TITLE": "WP Cerber Security <= 9.0 - User Enumeration Bypass", "ASSIGNER": "security@wordfence.com"}}}}, "cveMetadata": {"cveId": "CVE-2022-2939", "state": "PUBLISHED", "dateUpdated": "2025-02-07T20:47:15.208Z", "dateReserved": "2022-08-22T00:00:00.000Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2022-09-06T17:19:01.000Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cerber:wp_cerber_security\\,_anti-spam_\\&_malware_scan:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "40F38BAC-D89C-4442-88C5-FDA0E3247850", "versionEndIncluding": "9.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The WP Cerber Security plugin for WordPress is vulnerable to security protection bypass in versions up to, and including 9.0, that makes user enumeration possible. This is due to improper validation on the value supplied through the 'author' parameter found in the ~/cerber-load.php file. In vulnerable versions, the plugin only blocks requests if the value supplied is numeric, making it possible for attackers to supply additional non-numeric characters to bypass the protection. The non-numeric characters are stripped and the user requested is displayed. This can be used by unauthenticated attackers to gather information about users that can targeted in further attacks."}, {"lang": "es", "value": "El plugin WP Cerber Security para WordPress es vulnerable a una omisi\u00f3n de la protecci\u00f3n de seguridad en versiones hasta 9.0, incluy\u00e9ndola, que hace posible una enumeraci\u00f3n de usuarios. Esto es debido a que no es comprobado el valor suministrado mediante el par\u00e1metro \"author\" que es encontrado en el archivo ~/cerber-load.php. En las versiones vulnerables, el plugin s\u00f3lo bloquea las peticiones si el valor suministrado es num\u00e9rico, haciendo posible a atacantes suministren caracteres no num\u00e9ricos adicionales para omitir la protecci\u00f3n. Los caracteres no num\u00e9ricos son eliminados y es mostrado una petici\u00f3n de usuario. Esto puede ser usado por atacantes no autenticados para reunir informaci\u00f3n sobre usuarios que puede ser objetivo de otros ataques."}], "id": "CVE-2022-2939", "lastModified": "2024-11-21T07:01:57.593", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-09-06T18:15:15.143", "references": [{"source": "security@wordfence.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://plugins.trac.wordpress.org/changeset/2772930/wp-cerber/trunk/cerber-load.php"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2939"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://plugins.trac.wordpress.org/changeset/2772930/wp-cerber/trunk/cerber-load.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2939"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "security@wordfence.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}