CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-36666

The directory-pro WordPress plugin before 1.9.5, final-user-wp-frontend-user-profiles WordPress plugin before 1.2.2, producer-retailer WordPress plugin through TODO, photographer-directory WordPress plugin before 1.0.9, real-estate-pro WordPress plugin before 1.7.1, institutions-directory WordPress plugin before 1.3.1, lawyer-directory WordPress plugin before 1.2.9, doctor-listing WordPress plugin before 1.3.6, Hotel Listing WordPress plugin before 1.3.7, fitness-trainer WordPress plugin before 1.4.1, wp-membership WordPress plugin before 1.5.7, sold by the same developer (e-plugins), do not implementing any security measures in some AJAX calls. For example in the file plugin.php, the function iv_directories_update_profile_setting() uses update_user_meta with any data provided by the ajax call, which can be used to give the logged in user admin capabilities. Since the plugins allow user registration via a custom form (even if the blog does not allow users to register) it makes any site using it vulnerable.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 51.9%

CVSS Severity

CVSS v3 Score 8.8

References

Products affected by CVE-2020-36666

E-Plugins » Directory Pro » Version: N/A

cpe:2.3:a:e-plugins:directory_pro:-
E-Plugins » Final User » Version: N/A

cpe:2.3:a:e-plugins:final_user:-
E-Plugins » Fitness Trainer » Version: N/A

cpe:2.3:a:e-plugins:fitness_trainer:-
E-Plugins » Hospital & Doctor Directory » Version: N/A

cpe:2.3:a:e-plugins:hospital_&_doctor_directory:-
E-Plugins » Hotel Directory » Version: N/A

cpe:2.3:a:e-plugins:hotel_directory:-
E-Plugins » Institutions Directory » Version: N/A

cpe:2.3:a:e-plugins:institutions_directory:-
E-Plugins » Lawyer Directory » Version: N/A

cpe:2.3:a:e-plugins:lawyer_directory:-
E-Plugins » Photographer-Directory » Version: N/A

cpe:2.3:a:e-plugins:photographer-directory:-
E-Plugins » Producer-Retailer » Version: N/A

cpe:2.3:a:e-plugins:producer-retailer:-
E-Plugins » Real Estate Pro » Version: N/A

cpe:2.3:a:e-plugins:real_estate_pro:-
E-Plugins » Wp Membership » Version: N/A

cpe:2.3:a:e-plugins:wp_membership:-
E-Plugins » Wp Membership » Version: 1.2.3

cpe:2.3:a:e-plugins:wp_membership:1.2.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-36666

Products

Pricing

Contact Us