NVD - CVE-2021-4342

Vulnerability Change Records for CVE-2021-4342

Change History

Initial Analysis by NIST 6/22/2023 12:10:03 PM

Action	Type	Old Value	New Value
Added	CPE Configuration		OR cpe:2.3:a:10up:elasticpress::::::wordpress:: versions up to (excluding) 3.5.4 cpe:2.3:a:10web:10webanalytics::::::wordpress:: versions up to (excluding) 1.2.9 cpe:2.3:a:amministrazione_trasparente_project:amministrazione_trasparente::::::wordpress:: versions up to (excluding) 7.1.1 cpe:2.3:a:analogwp:style_kits::::::wordpress:: versions up to (excluding) 1.8.1 cpe:2.3:a:ashstonestudios:absolute_reviews::::::wordpress:: versions up to (excluding) 1.0.9 cpe:2.3:a:ashstonestudios:advanced_popups::::::wordpress:: versions up to (excluding) 1.1.2 cpe:2.3:a:brainstormforce:import_\/_export_customizer_settings::::::wordpress:: versions up to (excluding) 1.0.4 cpe:2.3:a:brainstormforce:lightweight_sidebar_manager::::::wordpress:: versions up to (excluding) 1.1.4 cpe:2.3:a:c7style:contact_form_7_style::::::wordpress:: versions up to (including) 3.2 cpe:2.3:a:cartflows:funnel_builder::::::wordpress:: versions up to (excluding) 1.5.16 cpe:2.3:a:cm-wp:woody_code_snippets::::::wordpress:: versions up to (excluding) 2.3.10 cpe:2.3:a:coolplugins:cool_timeline::::::wordpress:: versions up to (excluding) 2.0.3 cpe:2.3:a:coolplugins:process_steps_template_designer::::::wordpress:: versions up to (excluding) 1.3 cpe:2.3:a:designwall:dw_question_\&_answer:::::pro:wordpress::* versions up to (including) 1.5.7 cpe:2.3:a:edwiser:bridge::::::wordpress:: versions up to (excluding) 2.0.7 cpe:2.3:a:eventespresso:event_espresso::::::wordpress:: versions up to (including) 4.10.11.decaf cpe:2.3:a:ewww:image_optimizer::::::wordpress:: versions up to (excluding) 5.9.0 cpe:2.3:a:exportfeed:woocommerce_etsy_integration::::::wordpress:: versions up to (including) 3.3.1 cpe:2.3:a:flippercode:custom_css-js-php::::::wordpress:: versions up to (including) 2.0.7 cpe:2.3:a:flippercode:photo_gallery_-_image_gallery::::::wordpress:: versions up to (including) 1.0.6 cpe:2.3:a:flippercode:wp_security_question::::::wordpress:: versions up to (including) 1.0.5 cpe:2.3:a:goldplugins:custom_banners::::::wordpress:: versions up to (excluding) 3.3 cpe:2.3:a:goldplugins:easy_testimonials::::::wordpress:: versions up to (excluding) 3.7 cpe:2.3:a:goldplugins:locations::::::wordpress:: versions up to (excluding) 4.0 cpe:2.3:a:goldplugins:staff_directory_plugin::::::wordpress:: versions up to (excluding) 4.0 cpe:2.3:a:goprayer:wp_prayer::::::wordpress:: versions up to (excluding) 1.6.6 cpe:2.3:a:graphpaperpress:sell_media::::::wordpress:: versions up to (including) 2.5.5 cpe:2.3:a:implecode:ecommerce_product_catalog::::::wordpress:: versions up to (excluding) 2.9.44 cpe:2.3:a:implecode:ecommerce_product_catalog::::::wordpress:: versions from (including) 3.0.1 up to (excluding) 3.0.18 cpe:2.3:a:implecode:product_catalog_simple::::::wordpress:: versions up to (excluding) 1.5.13 cpe:2.3:a:incsub:forminator::::::wordpress:: versions up to (excluding) 1.13.5 cpe:2.3:a:incsub:forminator::::::wordpress:: versions from (including) 1.14.0 up to (excluding) 1.14.9 cpe:2.3:a:inoplugs:wp-backgrounds_lite::::::wordpress:: versions up to (including) 2.3 cpe:2.3:a:jesseeproductions:coupon_creator::::::wordpress:: versions up to (excluding) 3.1.1 cpe:2.3:a:menu_swapper_project:menu_swapper::::::wordpress:: versions up to (excluding) 1.1.1 cpe:2.3:a:multiple_roles_project:multiple_roles::::::wordpress:: versions up to (including) 1.3.1 cpe:2.3:a:multivendorx:multivendorx::::::wordpress:: versions up to (excluding) 3.5.8 cpe:2.3:a:multivendorx:multivendorx::::::wordpress:: versions from (including) 3.5.9 up to (excluding) 3.7.8 cpe:2.3:a:oceanwp:ocean_extra::::::wordpress:: versions up to (excluding) 1.6.6 cpe:2.3:a:paidmembershipspro:paid_memberships_pro::::::wordpress:: versions up to (excluding) 2.4.3 cpe:2.3:a:presscustomizr:customizr::::::wordpress:: versions up to (excluding) 4.3.1 cpe:2.3:a:presscustomizr:hueman::::::wordpress:: versions up to (excluding) 3.6.2 cpe:2.3:a:qtranslate_slug_project:qtranslate_slug::::::wordpress:: versions up to (including) 1.1.18 cpe:2.3:a:quantumcloud:slider_hero::::::wordpress:: versions up to (excluding) 8.2.1 cpe:2.3:a:radio_buttons_for_taxonomies_project:radio_buttons_for_taxonomies::::::wordpress:: versions up to (excluding) 2.0.6 cpe:2.3:a:rays_grid_project:rays_grid::::::wordpress:: versions up to (including) 1.2.2 cpe:2.3:a:rucy_project:rucy::::::wordpress:: versions up to (including) 0.4.4 cpe:2.3:a:slickremix:feed_them_social::::::wordpress:: versions up to (excluding) 2.8.7 cpe:2.3:a:sunshinephotocart:sunshine_photo_cart::::::wordpress:: versions up to (excluding) 2.8.29 cpe:2.3:a:themeisle:rss_aggregator_by_feedzy::::::wordpress:: versions up to (excluding) 3.4.3 cpe:2.3:a:thimpress:wp_hotel_booking::::::wordpress:: versions up to (excluding) 1.10.2 cpe:2.3:a:tychesoftwares:abandoned_cart_lite_for_woocommerce::::::wordpress:: versions up to (excluding) 5.8.6 cpe:2.3:a:villatheme:abandoned_cart_recovery_for_woocommerce::::::wordpress:: versions up to (excluding) 1.0.4.1 cpe:2.3:a:vuukle:vuukle_comments\,_reactions\,_share_bar\,_revenue::::::wordpress:: versions up to (excluding) 4.0 cpe:2.3:a:webberzone:better_search::::::wordpress:: versions up to (excluding) 2.5.3 cpe:2.3:a:webberzone:top_10::::::wordpress:: versions up to (excluding) 2.9.5 cpe:2.3:a:websitescanner:remove_schema::::::wordpress:: versions up to (excluding) 1.6 cpe:2.3:a:wedevs:dokan::::::wordpress:: versions up to (excluding) 3.0.9 cpe:2.3:a:wedevs:dokan::::::wordpress:: versions from (including) 3.1.0 up to (excluding) 3.2.1 cpe:2.3:a:wedevs:wp_erp::::::wordpress:: versions up to (excluding) 1.6.4 cpe:2.3:a:wedevs:wp_erp::::::wordpress:: versions from (including) 1.7.0 up to (excluding) 1.7.5 cpe:2.3:a:wedevs:wp_project_manager::::::wordpress:: versions up to (excluding) 2.4.1 cpe:2.3:a:wedevs:wp_project_manager::::::wordpress:: versions from (including) 2.4.2 up to (excluding) 2.4.10 cpe:2.3:a:wmpudev:defender_security::::::wordpress:: versions up to (excluding) 2.4.6.1 cpe:2.3:a:wp-mpdf_project:wp-mpdf::::::wordpress:: versions up to (excluding) 3.5.2 cpe:2.3:a:wpconcern:coming_soon_\&_maintenance_mode_page::::::wordpress:: versions up to (excluding) 1.58 cpe:2.3:a:wpdeveloper:notificationx::::::wordpress:: versions up to (excluding) 1.8.3 cpe:2.3:a:wpeasypay:wp_easypay::::::wordpress:: versions up to (excluding) 3.2.3 cpe:2.3:a:wpexpertdeveloper:wp_private_content_plus::::::wordpress:: versions up to (excluding) 3.2 cpe:2.3:a:wpexperts:post_smtp_mailer::::::wordpress:: versions up to (excluding) 2.0.21 cpe:2.3:a:wpgogo:custom_field_template::::::wordpress:: versions up to (excluding) 2.5.2 cpe:2.3:a:wpopal:opal_estate::::::wordpress:: versions up to (including) 1.6.11 cpe:2.3:a:wpswings:ultimate_gift_cards_for_woocommerce::::::wordpress:: versions up to (excluding) 2.1.2
Added	CVSS V3.1		NIST AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Added	CWE		NIST CWE-352
Changed	Reference Type	https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/ No Types Assigned	https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/ Exploit, Third Party Advisory
Changed	Reference Type	https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/ No Types Assigned	https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/ Exploit, Third Party Advisory
Changed	Reference Type	https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/ No Types Assigned	https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/ Exploit, Third Party Advisory
Changed	Reference Type	https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/ No Types Assigned	https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/ Exploit, Third Party Advisory
Changed	Reference Type	https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/ No Types Assigned	https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/ Exploit, Third Party Advisory
Changed	Reference Type	https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/ No Types Assigned	https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/ Exploit, Third Party Advisory
Changed	Reference Type	https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/ No Types Assigned	https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/ Exploit, Third Party Advisory
Changed	Reference Type	https://www.wordfence.com/threat-intel/vulnerabilities/id/1b3d9251-9824-4bd0-aa2f-5a967ef01de3?source=cve No Types Assigned	https://www.wordfence.com/threat-intel/vulnerabilities/id/1b3d9251-9824-4bd0-aa2f-5a967ef01de3?source=cve Third Party Advisory