Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | N/A |
CWE-ID | CWE-94 |
Exploitation vector | Network |
Public exploit | Public exploit code for vulnerability #1 is available. |
Vulnerable software Subscribe |
Accelerated Mobile Pages Web applications / Modules and components for CMS |
Vendor | AMP Project |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU15912
Risk: Low
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote low-privileged attacker to inject malicious code on the targeted website.
The weakness exists in the ampforwp_save_steps_data which is called to save settings during the installation wizard that's been registered wp_ajax_ampforwp_save_installer ajax hook due to insufficient validation of user-supplied input. A remote attacker can supply a specially crafted input to inject arbitrary code on AMP pages.
Update to version 0.9.97.20.
Vulnerable software versionsAccelerated Mobile Pages: before 0.9.97.20
External linkshttp://www.webarxsecurity.com/amp-plugin-vulnerability/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.