CVE-2022-0952
HIGH EXPLOITED NUCLEISitemap by click5 < 1.0.36 - Unauthenticated Arbitrary Option Update via REST Endpoint
Title source: llmExploitation Summary
CVE-2022-0952 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including RandomRobbieBF. A Nuclei detection template is also available.
AI-analyzed exploit summary This PoC exploits CVE-2022-0952, an unauthenticated arbitrary options update vulnerability in the Sitemap by click5 WordPress plugin. It allows attackers to enable user registration and set the default role to administrator, enabling account creation with admin privileges.
Description
The Sitemap by click5 WordPress plugin before 1.0.36 does not have authorisation and CSRF checks when updating options via a REST endpoint, and does not ensure that the option to be updated belongs to the plugin. As a result, unauthenticated attackers could change arbitrary blog options, such as the users_can_register and default_role, allowing them to create a new admin account and take over the blog.
Exploits (1)
This PoC exploits CVE-2022-0952, an unauthenticated arbitrary options update vulnerability in the Sitemap by click5 WordPress plugin. It allows attackers to enable user registration and set the default role to administrator, enabling account creation with admin privileges.
Nuclei Templates (1)
References (1)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H