CVE-2020-9043
Published 2020-02-17
Priority: P2 · 75 · high · CVSS 3.1: 8.8
CVSS vector: AV:N / AC:L / PR:L / UI:N / S:U / C:H / I:H / A:H
Tags: ITW · EXPLOIT · VulnCheck KEV
Exploited in the wild
EPSS: 8.17% (94.2th percentile)
The wpCentral plugin before 1.5.1 for WordPress allows disclosure of the connection key.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wpcentral | wpcentral | < 1.5.1 | 1.5.1 |
Detection & IOCs (extracted from sources)
regex: WordPress wpCentral ([a-z0-9]+)
- Extract the wpCentral connection key from the response body by matching the regex pattern for 'WordPress wpCentral' followed by an alphanumeric token; this token is the disclosed connection key.
- Extract the WordPress nonce from the response body using the '_wpnonce=' parameter pattern; this nonce is used as part of the exploit chain to retrieve the connection key.
- The exploit targets the body of a WordPress page response (part: body), indicating the connection key is leaked in unauthenticated or low-privilege HTTP responses.
- The vulnerability affects wpCentral plugin versions before 1.5.1; ensure detection rules are scoped to installations running versions prior to 1.5.1.
- The two regex extractions (connection key and nonce) are marked 'internal: true', meaning they are intermediate extraction steps in a multi-stage detection template, not standalone indicators; both values must be chained together to confirm exploitation.
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| nvd | 2.0 | 9.0 | CRITICAL | AV:N/AC:L/Au:S/C:C/I:C/A:C |
| vulncheck | | 8.8 | HIGH | |
GHSA
GHSA-pw37-9grr-qqxj (ghsa_unreviewed, 2022-05-24) · CVE-2020-9043 [HIGH] · CWE-269
The wpCentral plugin before 1.5.1 for WordPress allows disclosure of the connection key.
VulnCheck
wpcentral wpcentral: Exposure of Sensitive Information to an Unauthorized Actor (vulncheck, 2020, CVSS 8.8) · CVE-2020-9043 [HIGH]
The wpCentral plugin before 1.5.1 for WordPress allows disclosure of the connection key.
Affected: wpcentral wpcentral
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wp-central/wpcentral-150-improper-access-control-to-privilege-escalation
No detection rules found.
Nuclei
WordPress wpCentral <1.5.1 - Information Disclosure (nuclei, CVSS 8.8) · CVE-2020-9043 [HIGH]
Template excerpt as indexed on this page (only the tail of the extractors section is present; the preceding request and matcher sections are not included here):

```yaml
        regex:
          - 'WordPress wpCentral ([a-z0-9]+)'
        internal: true   # intermediate value, chained with the nonce rather than reported alone
        part: body
      - type: regex
        name: nonce
        group: 1
        regex:
          - '_wpnonce=([0-9a-z]+)'
        internal: true
        part: body
# digest: 490a00463044022033f34e774ee0ce2efa8c527d931a9795273e1db7a2124c36adb3d6b6f00d316502200780ca4ad35d478a8af67964b8c7daae7d1907df4209d4a52b76359c158f42e3:922c64590222798bb761d5b6d8e72950
```
No writeups or analysis indexed.
References
- https://plugins.trac.wordpress.org/changeset?&old=2244363%40wp-central&new=2244363%40wp-central
- https://wordpress.org/plugins/wp-central/#developers
- https://wpvulndb.com/vulnerabilities/10074