cbcvebase.
CVE-2017-1002000
published 2017-09-14

CVE-2017-1002000: Vulnerability in wordpress plugin mobile-friendly-app-builder-by-easytouch v3.0, The code in file ./mobile-friendly-app-builder-by-easytouch/server/images.php…

Priority: P2 (71)
Severity: critical, 9.8 (CVSS 3.0)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploit: available
EPSS: 27.45% (97.8th percentile)
Vulnerability in WordPress plugin mobile-friendly-app-builder-by-easytouch v3.0: the code in file ./mobile-friendly-app-builder-by-easytouch/server/images.php doesn't require authentication or check that the user is allowed to upload content.

Affected

2 ranges
Vendor                                            Product                                    Version range           Fixed in
jenova12345                                       mobile-friendly-app-builder-by-easytouch   >= unspecified, < 3.0   3.0
mobile-friendly-app-builder-by-easytouch_project  mobile-friendly-app-builder-by-easytouch   (not given)             (not given)

Detection & IOCs (extracted from sources)

path: ./mobile-friendly-app-builder-by-easytouch/server/images.php
path: /wp-content/plugins/mobile-friendly-app-builder-by-easytouch/
command: ?alien=whoami
command: ?alien=command
  • Monitor for unauthenticated POST requests to the vulnerable endpoint images.php within the plugin's server directory, which accepts arbitrary file uploads without authentication.
  • Detect webshell execution attempts by monitoring HTTP GET requests to the plugin's upload directory containing the query parameter '?alien=' which is the shell command parameter used by the exploit.
  • Alert on file creation events (e.g., PHP files) under /wp-content/plugins/mobile-friendly-app-builder-by-easytouch/ as this is where the exploit drops the uploaded shell.
  • The exploit targets plugin version 3.0 specifically; ensure detection rules scope to this version to reduce false positives.

CVSS provenance

NVD, CVSS v3.0: 9.8 CRITICAL, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD, CVSS v2.0: 7.5 HIGH, AV:N/AC:L/Au:N/C:P/I:P/A:P