Vulnerability CVE-2020-10257


Published: 2020-03-10

Description:
The ThemeREX Addons plugin for WordPress, in versions before 2020-03-09, lacks access control on the /trx_addons/v2/get/sc_layout REST API endpoint. Any user, including an unauthenticated visitor, can cause arbitrary PHP functions to be executed, because includes/plugin.rest-api.php calls trx_addons_rest_get_sc_layout with a user-controlled sc parameter that is used unsafely.
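
The pattern the description points at (a public REST route whose handler treats a request parameter as a function name) is easier to see beside its hardened counterpart. The following PHP is an added illustration written for this page; it is not the ThemeREX Addons source. The handler names, the allowlist keys and the `edit_posts` capability are hypothetical choices; `register_rest_route`, `permission_callback`, `args`/`enum` and `current_user_can` are real WordPress REST API features, shown in a comment because they need a running WordPress.

```php
<?php
// Added illustration of the CWE-94 pattern behind CVE-2020-10257.
// This is NOT the ThemeREX Addons source; the handler bodies, the allowlist and
// the helper names are hypothetical and exist only to contrast the two designs.
declare(strict_types=1);

// Vulnerable shape: the request parameter "sc" is used as a function name.
// function_exists() is not an access control; it is true for every loaded
// PHP and WordPress function (wp_insert_user, file_put_contents, ...), so an
// unauthenticated caller of the route chooses which function runs.
function vulnerable_get_sc_layout(array $params): string
{
    $sc = (string) ($params['sc'] ?? '');
    if ($sc !== '' && function_exists($sc)) {
        return (string) call_user_func($sc, $params);
    }
    return '';
}

// Hardened shape, part 1: the parameter selects a key in a fixed map, so the
// set of reachable code is exactly the handlers listed here.
const SC_LAYOUT_HANDLERS = [
    'header' => 'render_header_layout',   // hypothetical layout renderers
    'footer' => 'render_footer_layout',
];

function render_header_layout(array $params): string
{
    return '<header>' . htmlspecialchars((string) ($params['title'] ?? ''), ENT_QUOTES) . '</header>';
}

function render_footer_layout(array $params): string
{
    return '<footer>' . htmlspecialchars((string) ($params['text'] ?? ''), ENT_QUOTES) . '</footer>';
}

function hardened_get_sc_layout(array $params): string
{
    $sc = (string) ($params['sc'] ?? '');
    if (!array_key_exists($sc, SC_LAYOUT_HANDLERS)) {
        throw new InvalidArgumentException("unknown layout: {$sc}");
    }
    return (SC_LAYOUT_HANDLERS[$sc])($params);
}

// Hardened shape, part 2 (WordPress only, so kept in a comment here): a route
// registered without a permission_callback, or with one that always returns
// true, is reachable by anyone. The route must carry a capability check and
// declare its arguments, so unauthenticated requests and out-of-enum values
// are rejected before the callback runs.
//
// add_action('rest_api_init', function () {
//     register_rest_route('trx_addons/v2', '/get/sc_layout', [
//         'methods'             => 'GET',
//         'callback'            => fn(WP_REST_Request $r) => hardened_get_sc_layout($r->get_params()),
//         'permission_callback' => fn() => current_user_can('edit_posts'),
//         'args'                => ['sc' => ['type' => 'string', 'required' => true,
//                                            'enum' => array_keys(SC_LAYOUT_HANDLERS)]],
//     ]);
// });

// Demonstration from the CLI (php this_file.php). The "attack" uses the harmless
// built-in json_encode to show that the caller, not the plugin, picked the function.
$attack = ['sc' => 'json_encode', 'title' => 'x'];
echo "vulnerable: ", vulnerable_get_sc_layout($attack), PHP_EOL;      // the caller's function ran
echo "hardened:   ", hardened_get_sc_layout(['sc' => 'header', 'title' => 'Hi']), PHP_EOL;
try {
    hardened_get_sc_layout($attack);
} catch (InvalidArgumentException $e) {
    echo "hardened:   rejected (", $e->getMessage(), ")", PHP_EOL;
}
```

The two fixes are independent and both are needed: the allowlist removes the code-injection primitive even for authenticated users, and the permission_callback keeps anonymous visitors away from the route regardless of what the handler does.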

Type:
CWE-94 (Improper Control of Generation of Code ('Code Injection'))

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10

Exploit range: Remote
Attack complexity: Low
Authentication: Not required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial
Affected software:
Themerex -> Tacticool-shooting range wordpress theme
Themerex -> Meals and wheels-food truck
Themerex -> Scientia-public library
Themerex -> Coinpress-cryptocurrency magazine & blog wordpress theme
Themerex -> Rosalinda-vegetarian & health coach
Themerex -> Addons
Themerex -> Blabber
Themerex -> Vihara-ashram, buddhist
Themerex -> Vapester
Themerex -> Ozeum-museum
Themerex -> Impacto patronus multi-landing
Themerex -> Katelyn-gutenberg wordpress blog theme
Themerex -> Modern housewife-housewife and family blog
Themerex -> Chit club-board games
Themerex -> Rare radio
Themerex -> Heaven 11-multiskin property theme
Themerex -> Chainpress
Themerex -> Yottis-simple portfolio
Themerex -> Piqes-creative startup & agency wordpress theme
Themerex -> Especio-food gutenberg theme
Themerex -> Justitia-multiskin lawyer theme
Themerex -> Helion-agency & portfolio
Themerex -> Kratz-digital agency
Themerex -> Partiso electioncampaign
Themerex -> Hobo digital nomad blog
Themerex -> Amuli
Themerex -> Pixefy
Themerex -> Kargo-freight transport
Themerex -> Rhodos-creative corporate wordpress theme
Themerex -> Nelson-barbershop + tattoo salon
Themerex -> Netmix-broadband & telecom
Themerex -> Maxify-startup blog
Themerex -> Buzz stone-magazine & blog
Themerex -> Hallelujah-church
Themerex -> Kids care
Themerex -> Lingvico-language learning school
Themerex -> Corredo sport event
Themerex -> Right way
Themerex -> Briny-diving wordpress theme
Themerex -> Aldo-gutenberg wordpress blog theme
Themerex -> Savejulia personal fundraising campaign
Themerex -> Prider-pride fest
Themerex -> Tornados
Themerex -> Vixus-startup / mobile application
Themerex -> Bonkozoo zoo
Themerex -> Mystik-esoterics
Themerex -> Gridiron
Themerex -> Wellspring water filter systems
Themerex -> Renewal-plastic surgeon clinic
Themerex -> Skydiving and flying company
Themerex -> Yungen-digital/marketing agency
Themerex -> Nazareth-church
Themerex -> Gloss blog
Themerex -> Dronex-aerial photography services
Themerex -> Fc united-football
Themerex -> Tediss-soft play area, cafe & child care center
Themerex -> Plumbing-repair, building & construction wordpress theme
Themerex -> Samadhi-buddhist
Themerex -> Bugster-pests control
Themerex -> Yolox-startup magazine & blog wordpress theme
Themerex -> Topper theme and skins
Themerex -> Tantum-rent a car, rent a bike, rent a scooter multiskin theme
Themerex -> Rumble-single fighter boxer, news, gym, store

References:
https://www.wordfence.com/blog/2020/03/zero-day-vulnerability-in-themerex-addons-now-patched/

Copyright 2021, cxsecurity.com
