Goal Reached Thanks to every supporter β€” we hit 100%!

Goal: 1000 CNY Β· Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-0952 β€” AI Deep Analysis Summary

Q1What is this vulnerability? (Essence + Consequences)

🚨 **Essence**: Unauthenticated Arbitrary Options Update in WordPress Plugin 'Sitemap by click5'. πŸ’₯ **Consequences**: Attackers can change blog settings, create admin accounts, and **take over the entire blog**.

Q2Root Cause? (CWE/Flaw)

πŸ›‘οΈ **Root Cause**: Missing **Authorization** and **CSRF checks** on REST endpoints. The plugin fails to verify if the option being updated belongs to it.

Q3Who is affected? (Versions/Components)

πŸ“¦ **Affected**: WordPress Plugin **Sitemap by click5**. πŸ“‰ **Version**: All versions **< 1.0.36**.

Q4What can hackers do? (Privileges/Data)

πŸ•΅οΈ **Attacker Actions**: Modify arbitrary options (e.g., `users_can_register`, `default_role`). πŸ‘‘ **Result**: Create new **Admin Accounts** and gain full control.

Q5Is exploitation threshold high? (Auth/Config)

πŸ”“ **Threshold**: **LOW**. 🚫 **Auth Required**: **None**. Unauthenticated attackers can exploit this directly.

Q6Is there a public Exp? (PoC/Wild Exploitation)

πŸ’£ **Exploit**: **YES**. πŸ”— Public PoC available on GitHub (RandomRobbieBF) and Nuclei templates.

Q7How to self-check? (Features/Scanning)

πŸ” **Self-Check**: Scan for plugin version < 1.0.36. πŸ§ͺ Test REST endpoints for missing auth/CSRF headers when updating options.

Q8Is it fixed officially? (Patch/Mitigation)

🩹 **Fix**: Upgrade plugin to version **1.0.36** or higher. βœ… Official patch addresses the authorization flaw.

Q9What if no patch? (Workaround)

🚧 **No Patch?**: Disable the plugin immediately. πŸ›‘ Block REST API access for this plugin via firewall/WAF rules.

Q10Is it urgent? (Priority Suggestion)

⚑ **Urgency**: **CRITICAL**. πŸ”₯ High impact (Full Admin Takeover) + Low barrier (No Auth) = Immediate Action Required.

Continue exploring

Vulnerability detail Full AI analysis (login) Unknown