Headline
CVE-2023-28413: Multiple vulnerabilities in WordPress Plugin "MW WP Form" and "Snow Monkey Forms"
Directory traversal vulnerability in Snow Monkey Forms versions v5.0.6 and earlier allows a remote unauthenticated attacker to obtain sensitive information, alter the website, or cause a denial-of-service (DoS) condition.
Published: 2023/05/15 Last Updated: 2023/05/15
Overview
WordPress Plugin “MW WP Form” and “Snow Monkey Forms” provided by Monkey Wrench Inc. contain multiple vulnerabilities.
Products Affected
CVE-2023-28408, CVE-2023-28409
- MW WP Form versions v4.4.2 and earlier
CVE-2023-28413
- Snow Monkey Forms versions v5.0.6 and earlier
Description
WordPress Plugin “MW WP Form” and “Snow Monkey Forms” provided by Monkey Wrench Inc. contain multiple vulnerabilities listed below.
Directory traversal (CWE-22) - CVE-2023-28408
CVSS v3
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L
Base Score: 7.2
CVSS v2
AV:N/AC:L/Au:N/C:N/I:P/A:P
Base Score: 6.4
Unrestricted upload of file with dangerous type (CWE-434) - CVE-2023-28409
CVSS v3
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Base Score: 5.3
CVSS v2
AV:N/AC:L/Au:N/C:N/I:P/A:N
Base Score: 5.0
Directory traversal (CWE-22) - CVE-2023-28413
CVSS v3
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
Base Score: 8.3
CVSS v2
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score: 7.5
Impact
- A remote unauthenticated attacker may alter the website or cause a denial-of-service (DoS) condition and, depending on the plugin's settings, obtain sensitive information - CVE-2023-28408
- A remote unauthenticated attacker may upload an unintended file - CVE-2023-28409
- A remote unauthenticated attacker may obtain sensitive information, alter the website, or cause a denial-of-service (DoS) condition - CVE-2023-28413
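As an added illustration of the two weakness classes named in this advisory, CWE-22 (path traversal) and CWE-434 (unrestricted upload of a file with a dangerous type), the following PHP shows a generic WordPress-style form upload handler in its vulnerable shape beside a hardened one. This is example code written for this page, not code from MW WP Form or Snow Monkey Forms; the function names, the upload-root/form-ID directory layout and the sample requests are assumptions constructed for the example, and it needs PHP 8.0 or later (for str_starts_with).

```php
<?php
declare(strict_types=1);

// Added example for this advisory, NOT code from MW WP Form or Snow Monkey
// Forms. The function names, the base_dir/form_id layout and every sample
// input below are assumptions constructed for the illustration.

const ALLOWED_EXTENSIONS = ['jpg', 'jpeg', 'png', 'gif', 'pdf'];

// Vulnerable pattern (CWE-22 + CWE-434): the per-form sub-directory and the
// file name come straight from the request and are joined onto the upload
// root. "form_id=../.." escapes the root, and with no extension check a
// "shell.php" is stored under its own name.
function insecure_upload_path(string $base_dir, string $form_id, string $file_name): string
{
    return $base_dir . '/' . $form_id . '/' . $file_name;
}

// Does the existing directory $path resolve inside $base_dir once symlinks
// and ".." segments have been resolved by realpath()?
function is_inside(string $base_dir, string $path): bool
{
    $real_base = realpath($base_dir);
    $real_path = realpath($path);
    if ($real_base === false || $real_path === false) {
        return false;
    }
    return $real_path === $real_base
        || str_starts_with($real_path, $real_base . DIRECTORY_SEPARATOR);
}

// Hardened version. Returns the absolute path the upload may be written to,
// or null when the request must be rejected.
function safe_upload_path(string $base_dir, string $form_id, string $file_name): ?string
{
    // 1. Allow-list the directory component instead of trying to strip "..".
    if (preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $form_id) !== 1) {
        return null;
    }

    // 2. Keep only the final path component of the client-supplied name,
    //    then allow-list the extension (case-insensitively).
    $leaf = basename(str_replace('\\', '/', $file_name));
    $ext  = strtolower(pathinfo($leaf, PATHINFO_EXTENSION));
    if ($ext === '' || !in_array($ext, ALLOWED_EXTENSIONS, true)) {
        return null;
    }

    // 3. Never reuse the client's name on disk: a random name plus the
    //    validated extension also defeats "x.php.jpg"-style double extensions.
    $stored_name = bin2hex(random_bytes(16)) . '.' . $ext;

    // 4. Create the target directory, then confirm with realpath() that it
    //    really resolves under the upload root (catches a planted symlink).
    $target_dir = $base_dir . '/' . $form_id;
    if (!is_dir($target_dir) && !mkdir($target_dir, 0750, true)) {
        return null;
    }
    if (!is_inside($base_dir, $target_dir)) {
        return null;
    }
    return realpath($target_dir) . DIRECTORY_SEPARATOR . $stored_name;
}

// --- Demonstration on constructed requests (run: php upload_check.php) ---
$base = sys_get_temp_dir() . '/upload_demo_' . bin2hex(random_bytes(4));
mkdir($base, 0700, true);

$cases = [
    ['../..',  'wp-config.php'],      // traversal in the directory part
    ['form-7', '../../shell.php'],    // traversal in the file name
    ['form-7', 'shell.php'],          // dangerous type, no traversal
    ['form-7', 'Holiday Photo.PNG'],  // legitimate upload
];
foreach ($cases as [$form_id, $file_name]) {
    printf("form_id=%-8s file=%-18s insecure=%s\n", $form_id, $file_name,
        insecure_upload_path($base, $form_id, $file_name));
    printf("%-46s hardened=%s\n", '',
        safe_upload_path($base, $form_id, $file_name) ?? 'REJECTED');
}

// Remove the (empty) demo directories again.
foreach (glob($base . '/*') ?: [] as $dir) {
    rmdir($dir);
}
rmdir($base);
```

Each constructed request is printed with the path the vulnerable join would write to and the hardened handler's decision: the first three are rejected, the last one is mapped to a random name under the allow-listed form directory. The realpath() containment check only guards the directory part; the file name is neutralised by never storing it. Since the impact of an unrestricted upload depends on whether the stored file can later be executed or served, the upload directory should additionally be configured so the web server does not execute scripts from it.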
Solution
Update the plugin
Update the plugin to a version later than those listed under Products Affected, following the information provided by the developer.
Vendor Status
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
CVE-2023-28408
Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVE-2023-28409
Shuya Ota of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVE-2023-28413
Monkey Wrench Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.
Other Information
Update History
2023/05/15
Fixed a typo in the CVSS v3 for CVE-2023-28413 under the section [Description].