PT-2021-22031 · Unknown · The Gutenberg Template Library & Redux Framework
Ramuel Gall
·
Published
2021-09-02
·
Updated
2026-05-24
·
CVE-2021-38314
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Gutenberg Template Library & Redux Framework plugin versions prior to 4.2.11
Description
The Gutenberg Template Library & Redux Framework plugin registered several AJAX actions available to unauthenticated users in the
includes function in redux-core/class-redux-core.php. These actions were unique to a given site but predictable, as they were based on an md5 hash of the site URL with a known salt value of '-redux' and an md5 hash of the previous hash with a known salt value of '-support'. These AJAX actions could be used to retrieve a list of active plugins and their versions, the site's PHP version, and an unsalted md5 hash of the site’s AUTH KEY concatenated with the SECURE AUTH KEY.Recommendations
Update the Gutenberg Template Library & Redux Framework plugin to version 4.2.11 or later.
Exploit
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
The Gutenberg Template Library & Redux Framework