CVE-2024-34806-40fde82d1139f989e39d48eddd554635.yaml

id: CVE-2024-34806-40fde82d1139f989e39d48eddd554635

info:
  name: >
    Clearfy Cache <= 2.2.1 - Cross-Site Request Forgery
  author: topscoder
  severity: medium
  description: >
    The Clearfy Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.2.1. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to perform unauthorized actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
  reference:
    - https://github.com/topscoder/nuclei-wordfence-cve
    - https://www.wordfence.com/threat-intel/vulnerabilities/id/26d28cb4-3cbd-4baf-968a-a3d37693306f?source=api-prod
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
    cvss-score: 4.3
    cve-id: CVE-2024-34806
  metadata:
    fofa-query: "wp-content/plugins/clearfy/"
    google-query: inurl:"/wp-content/plugins/clearfy/"
    shodan-query: 'vuln:CVE-2024-34806'
  tags: cve,wordpress,wp-plugin,clearfy,medium

http:
  - method: GET
    redirects: true
    max-redirects: 3
    path:
      - "{{BaseURL}}/wp-content/plugins/clearfy/readme.txt"

    extractors:
      - type: regex
        name: version
        part: body
        group: 1
        internal: true
        regex:
          - "(?mi)Stable tag: ([0-9.]+)"

      - type: regex
        name: version
        part: body
        group: 1
        regex:
          - "(?mi)Stable tag: ([0-9.]+)"

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      - type: word
        words:
          - "clearfy"
        part: body

      - type: dsl
        dsl:
          - compare_versions(version, '<= 2.2.1')