{"id":"CVE-2021-38314","details":"The Gutenberg Template Library & Redux Framework plugin \u003c= 4.2.11 for WordPress registered several AJAX actions available to unauthenticated users in the `includes` function in `redux-core/class-redux-core.php` that were unique to a given site but deterministic and predictable given that they were based on an md5 hash of the site URL with a known salt value of '-redux' and an md5 hash of the previous hash with a known salt value of '-support'. These AJAX actions could be used to retrieve a list of active plugins and their versions, the site's PHP version, and an unsalted md5 hash of site’s `AUTH_KEY` concatenated with the `SECURE_AUTH_KEY`.","modified":"2026-04-10T04:37:51.794802Z","published":"2021-09-02T17:15:09.777Z","references":[{"type":"EVIDENCE","url":"https://www.wordfence.com/blog/2021/09/over-1-million-sites-affected-by-redux-framework-vulnerabilities/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/reduxframework/redux-framework","events":[{"introduced":"0"},{"last_affected":"19be1fa302fd9744226eddeb50b618cacc208e95"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"4.2.11"}]}}],"versions":["3.0.0-beta","3.0.4","3.0.5","3.0.6","3.0.7","3.0.8","3.0.9","3.1.0","3.1.2","3.1.3","3.1.4","3.1.6","3.1.8","3.1.9","3.2.1","3.2.2","3.2.3","3.2.4","3.2.5","3.2.6","3.2.8","3.2.9","3.2.9.13","3.3.0","3.3.1.1","3.3.3","3.3.4","3.3.6","3.3.8","3.3.9.4","3.4.0","3.4.3.6","3.5.0","3.5.1","3.5.5","3.5.5.10","3.5.7","3.5.9","3.6.0.1","3.6.15","3.6.16","3.6.17","3.6.18","3.6.5","4.1.28","4.1.29","4.2.0","4.2.1","4.2.10","4.2.11","4.2.2","4.2.3","4.2.4","4.2.5","4.2.6","4.2.7","4.2.8","4.2.9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-38314.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}]}