CVE-2019-15858
published 2019-09-03CVE-2019-15858: admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin before 2.2.5 for WordPress allows unauthenticated options import, as demonstrated by…
PriorityP265high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EXPLOIT
EPSS
20.81%
97.2th percentile
admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin before 2.2.5 for WordPress allows unauthenticated options import, as demonstrated by storing an XSS payload for remote code execution.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| webcraftic | woody_ad_snippets | < 2.2.5 | 2.2.5 |
Detection & IOCsextracted from sources · hover to see the quote
- →Probe for vulnerable plugin version by fetching the readme.txt of the 'insert-php' (Woody Ad Snippets) plugin and checking that the body contains 'Changelog' and 'Woody ad snippets' but does NOT contain version string '2.2.5'.
- →The vulnerability is exploitable without authentication — any unauthenticated HTTP request to the import endpoint (admin/includes/class.import.snippet.php) can import arbitrary options, including XSS/RCE payloads.
- ·The Nuclei template uses only a single GET request to the readme.txt file for version detection; it does not actively exploit the import endpoint. A 200 response containing 'Changelog' and 'Woody ad snippets' without '2.2.5' indicates a vulnerable installation.
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
WordPress Woody Ad Snippets <2.2.5 - Cross-Site Scripting/Remote Code Execution
nuclei·CVSS 8.8
CVE-2019-15858 [HIGH] WordPress Woody Ad Snippets <2.2.5 - Cross-Site Scripting/Remote Code Execution
WordPress Woody Ad Snippets <2.2.5 - Cross-Site Scripting/Remote Code Execution
WordPress Woody Ad Snippets prior to 2.2.5 is susceptible to cross-site scripting and remote code execution via admin/includes/class.import.snippet.php, which allows unauthenticated options import as demonstrated by storing a cross-site scripting payload for remote code execution.
Template:
id: CVE-2019-15858
info:
name: WordPress Woody Ad Snippets <2.2.5 - Cross-Site Scripting/Remote Code Execution
author: dwisiswant0,fmunozs,patralos
severity: high
description: |
WordPress Woody Ad Snippets prior to 2.2.5 is susceptible to cross-site scripting and remote code execution via admin/includes/class.import.snippet.php, which allows unauthenticated options import as demonstrated by storing a cross-site scripting
No writeups or analysis indexed.
https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-woody-ad-snippets-plugin-lead-to-remote-code-execution/https://wpvulndb.com/vulnerabilities/9490https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-woody-ad-snippets-plugin-lead-to-remote-code-execution/https://wpvulndb.com/vulnerabilities/9490
2019-09-03
Published