9.8
CVE-2020-36708
- EPSS 91.54%
- Published 07.06.2023 02:15:11
- Last modified 21.11.2024 05:30:07
- Source security@wordfence.com
Epsilon Framework Themes (Various Versions) - Function Injection
The following WordPress themes are vulnerable to function injection in versions up to and including Shapely 1.2.7, NewsMag 2.4.1, Activello 1.4.0, Illdy 2.1.4, Allegiant 1.2.2, Newspaper X 1.3.1, Pixova Lite 2.0.5, Brilliance 1.2.7, MedZone Lite 1.2.4, Regina Lite 2.0.4, Transcend 1.1.8, Affluent 1.1.0, Bonkers 1.0.4, Antreas 1.0.2, Sparkling 2.4.8, and NatureMag Lite 1.0.4. The cause is the epsilon_framework_ajax_action handler of the shared Epsilon framework. This makes it possible for unauthenticated attackers to call functions and achieve remote code execution.
Possible mitigation
Activello: Update to version 1.4.2, or a newer patched version
Affluent: Update to version 1.1.2, or a newer patched version
Allegiant: Update to version 1.2.6, or a newer patched version
Antreas: Update to version 1.0.7, or a newer patched version
Bonkers: Update to version 1.0.6, or a newer patched version
Brilliance: Update to version 1.3.0, or a newer patched version
Illdy: Update to version 2.1.7, or a newer patched version
MedZone Lite: Update to version 1.2.6, or a newer patched version
NatureMag Lite: Update to version 1.0.5, or a newer patched version
NewsMag: Update to version 2.4.2, or a newer patched version
Newspaper X: Update to version 1.3.2, or a newer patched version
Pixova Lite: Update to version 2.0.7, or a newer patched version
Regina Lite: Update to version 2.0.6, or a newer patched version
Shapely: Update to version 1.2.9, or a newer patched version
Sparkling: Update to version 2.4.9, or a newer patched version
Transcend: Update to version 1.2.0, or a newer patched version
Further vulnerability information
| System | Product | Version |
|---|---|---|
| WordPress Theme | Activello | *-1.4.0 |
| WordPress Theme | Affluent | *-1.1.0 |
| WordPress Theme | Allegiant | *-1.2.2 |
| WordPress Theme | Antreas | *-1.0.2 |
| WordPress Theme | Bonkers | *-1.0.4 |
| WordPress Theme | Brilliance | *-1.2.7 |
| WordPress Theme | Illdy | *-2.1.4 |
| WordPress Theme | MedZone Lite | *-1.2.4 |
| WordPress Theme | NatureMag Lite | *-1.0.4 |
| WordPress Theme | NewsMag | *-2.4.1 |
| WordPress Theme | Newspaper X | *-1.3.1 |
| WordPress Theme | Pixova Lite | *-2.0.5 |
| WordPress Theme | Regina Lite | *-2.0.4 |
| WordPress Theme | Shapely | *-1.2.7 |
| WordPress Theme | Sparkling | *-2.4.8 |
| WordPress Theme | Transcend | *-1.1.8 |
Data provided by the National Vulnerability Database (NVD)

| Vendor | Product | Software platform | Version |
|---|---|---|---|
| Colorlib | Newspaper X | wordpress | < 1.3.2 |
| Colorlib | Pixova Lite | wordpress | < 2.0.7 |
| Colorlib | Sparkling | wordpress | <= 2.4.8 |
| Cpothemes | Brilliance | wordpress | < 1.3.0 |
| Machothemes | Antreas | wordpress | < 1.0.7 |
| Machothemes | Medzone Lite | wordpress | < 1.2.6 |
| Machothemes | Naturemag Lite | wordpress | <= 1.0.4 |
| Machothemes | Newsmag | wordpress | < 2.4.2 |
| Machothemes | Regina Lite | wordpress | < 2.0.6 |
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 91.54% | 0.997 |

| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| security@wordfence.com | 9.8 | 3.9 | 5.9 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
CWE-94 Improper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.