[Japanese]

JVNDB-2023-000050

Multiple vulnerabilities in WordPress Plugin "MW WP Form" and "Snow Monkey Forms"

Overview

WordPress Plugin "MW WP Form" and "Snow Monkey Forms" provided by Monkey Wrench Inc. contain multiple vulnerabilities listed below.

* Directory traversal (CWE-22) - CVE-2023-28408
* Unrestricted upload of file with dangerous type (CWE-434) - CVE-2023-28409
* Directory traversal (CWE-22) - CVE-2023-28413

CVE-2023-28408
Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

CVE-2023-28409
Shuya Ota of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

CVE-2023-28413
Monkey Wrench Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.
CVSS Severity (What is CVSS?)

CVSS V3 Severity:
Base Metrics 8.3 (High) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Changed
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: Low
CVSS V2 Severity:
Base Metrics 7.5 (High) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
The above CVSS base scores have been assigned for CVE-2023-28413

CVSS V3 Severity:
Base Metrics 7.2 (High) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Changed
  • Confidentiality Impact: None
  • Integrity Impact: Low
  • Availability Impact: Low
CVSS V2 Severity:
Base Metrics 6.4 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: Partial
The above CVSS base scores have been assigned for CVE-2023-28408

CVSS V3 Severity:
Base Metrics 5.3 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: None
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics 5.0 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2023-28409
Affected Products


Monkey Wrench
  • MW WP Form versions v4.4.2 and earlier (CVE-2023-28408, CVE-2023-28409)
  • Snow Monkey Forms versions v5.0.6 and earlier (CVE-2023-28413)

Impact

* A remote unauthenticated attacker may alter the website or cause a denial-of-service (DoS) condition, and obtain sensitive information depending on settings - CVE-2023-28408
* A remote unauthenticated attacker may upload an unintended file - CVE-2023-28409
* A remote unauthenticated attacker may obtain sensitive information, alter the website, or cause a denial-of-service (DoS) condition - CVE-2023-28413
Solution

[Update the plugin]
Update the plugin according to the information provided by the developer.
Vendor Information

Monkey Wrench
CWE (What is CWE?)

  1. Path Traversal(CWE-22) [IPA Evaluation]
  2. No Mapping(CWE-Other) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2023-28408
  2. CVE-2023-28409
  3. CVE-2023-28413
References

  1. JVN : JVN#01093915
  2. National Vulnerability Database (NVD) : CVE-2023-28408
  3. National Vulnerability Database (NVD) : CVE-2023-28409
  4. National Vulnerability Database (NVD) : CVE-2023-28413
Revision History

  • [2023/05/15]
      Web page was published
  • [2024/05/29]
      References : Contents were added

Date Public2023/05/15
Date First Published2023/05/15
Date Last Updated2024/05/29