CVE-2020-36875
9.3 Critical
Published:
Last updated:
Source: disclosure@vulncheck.com
Deferred
Weakness (CWE)
CVSS Vector (v4.0)
- Attack Vector: Network
- Attack Complexity: Low
- Attack Requirements: None
- Privileges Required: None
- User Interaction: None
- Confidentiality (Vulnerable): High
- Integrity (Vulnerable): High
- Availability (Vulnerable): High
- Confidentiality (Subsequent): None
- Integrity (Subsequent): None
- Availability (Subsequent): None
Description
AccessAlly WordPress plugin versions prior to 3.3.2 contain an unauthenticated arbitrary PHP code execution vulnerability in the Login Widget. The plugin processes the login_error parameter as PHP code, allowing an attacker to supply and execute arbitrary PHP in the context of the WordPress web server process, resulting in remote code execution.
References
- https://accessally.com/software-release/accessally-3-3-2/ (source: disclosure@vulncheck.com)
- https://wpscan.com/vulnerability/c644de6d-098d-4889-b75d-53fd2b89ff4d/ (source: disclosure@vulncheck.com)
- https://www.vulncheck.com/advisories/accessally-unauthenticated-arbitrary-php-code-execution (source: disclosure@vulncheck.com)
- https://wpscan.com/vulnerability/c644de6d-098d-4889-b75d-53fd2b89ff4d/ (source: 134c704f-9b21-4f2e-91b3-4a467353bcc0)