Vulnerabilidad en el plugin MailPoet Newsletters para WordPress (CVE-2014-4725)
Gravedad CVSS v2.0:
ALTA
Tipo:
CWE-287
Autenticación incorrecta
Fecha de publicación:
27/07/2014
Última modificación:
12/04/2025
Descripción
El plugin MailPoet Newsletters (wysija-newsletters) anterior a 2.6.7 para WordPress permite a atacantes remotos evadir la autenticación y ejecutar código PHP arbitrario mediante la subida de un tema a través de wp-admin/admin-post.php y el acceso al tema en wp-content/uploads/wysija/themes/mailp/.
Impacto
Puntuación base 2.0
7.50
Gravedad 2.0
ALTA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:a:mailpoet:mailpoet_newsletters:*:*:*:*:*:wordpress:*:* | 2.6.6 (incluyendo) | |
| cpe:2.3:a:mailpoet:mailpoet_newsletters:0.9:*:*:*:*:wordpress:*:* | ||
| cpe:2.3:a:mailpoet:mailpoet_newsletters:0.9.1:*:*:*:*:wordpress:*:* | ||
| cpe:2.3:a:mailpoet:mailpoet_newsletters:0.9.2:*:*:*:*:wordpress:*:* | ||
| cpe:2.3:a:mailpoet:mailpoet_newsletters:0.9.6:*:*:*:*:wordpress:*:* | ||
| cpe:2.3:a:mailpoet:mailpoet_newsletters:1.0:*:*:*:*:wordpress:*:* | ||
| cpe:2.3:a:mailpoet:mailpoet_newsletters:1.0.1:*:*:*:*:wordpress:*:* | ||
| cpe:2.3:a:mailpoet:mailpoet_newsletters:1.1:*:*:*:*:wordpress:*:* | ||
| cpe:2.3:a:mailpoet:mailpoet_newsletters:1.1.1:*:*:*:*:wordpress:*:* | ||
| cpe:2.3:a:mailpoet:mailpoet_newsletters:1.1.2:*:*:*:*:wordpress:*:* | ||
| cpe:2.3:a:mailpoet:mailpoet_newsletters:1.1.3:*:*:*:*:wordpress:*:* | ||
| cpe:2.3:a:mailpoet:mailpoet_newsletters:1.1.4:*:*:*:*:wordpress:*:* | ||
| cpe:2.3:a:mailpoet:mailpoet_newsletters:1.1.5:*:*:*:*:wordpress:*:* | ||
| cpe:2.3:a:mailpoet:mailpoet_newsletters:2.0:*:*:*:*:wordpress:*:* | ||
| cpe:2.3:a:mailpoet:mailpoet_newsletters:2.0.1:*:*:*:*:wordpress:*:* |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página
Referencias a soluciones, herramientas e información
- http://arstechnica.com/security/2014/07/mass-exploit-of-wordpress-plugin-backdoors-sites-running-joomla-magento-too/
- http://blog.sucuri.net/2014/07/mailpoet-vulnerability-exploited-in-the-wild-breaking-thousands-of-wordpress-sites.html
- http://blog.sucuri.net/2014/07/malware-infection-breaking-wordpress-sites.html
- http://blog.sucuri.net/2014/07/remote-file-upload-vulnerability-on-mailpoet-wysija-newsletters.html
- http://www.openwall.com/lists/oss-security/2014/07/08/7
- https://wordpress.org/plugins/wysija-newsletters/changelog/
- http://arstechnica.com/security/2014/07/mass-exploit-of-wordpress-plugin-backdoors-sites-running-joomla-magento-too/
- http://blog.sucuri.net/2014/07/mailpoet-vulnerability-exploited-in-the-wild-breaking-thousands-of-wordpress-sites.html
- http://blog.sucuri.net/2014/07/malware-infection-breaking-wordpress-sites.html
- http://blog.sucuri.net/2014/07/remote-file-upload-vulnerability-on-mailpoet-wysija-newsletters.html
- http://www.openwall.com/lists/oss-security/2014/07/08/7
- https://wordpress.org/plugins/wysija-newsletters/changelog/