⚠ Exploited in the wild

Exploitation observed in the wild. Not yet on CISA KEV.

CVE-2019-8942 — Unrestricted File Upload in Wordpress

CWE-434 — Unrestricted File Upload20 documents10 sources

Severity

8.8HIGHNVD

EPSS

93.0%

top 0.22%

CISA KEV

Not in KEV

Exploit

Exploited in wild

Active exploitation observed

Affected products

Wordpress Debian Wordpress Debian Linux

Timeline

PublishedFeb 20

Latest updateMay 13

Description

WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages3 packages

▶debiandebian/wordpress< wordpress 5.0.1+dfsg1-1 (bookworm)

▶NVDwordpress/wordpress< 4.9.9+1

▶Debianwordpress/wordpress< 5.0.1+dfsg1-1+3

Also affects: Debian Linux 9.0

🔴Vulnerability Details

GHSA

GHSA-rwhm-6hw4-9fgg: WordPress before 4↗2022-05-13

▶

OSV

CVE-2019-8942: WordPress before 4↗2019-02-20

▶

VulnCheck

WordPress wordpress Unrestricted Upload of File with Dangerous Type↗2019

▶

💥Exploits & PoCs

Exploit-DB

WordPress Core 5.0.0 - Crop-image Shell Upload (Metasploit)↗2019-04-05

▶

Exploit-DB

WordPress Core 5.0 - Remote Code Execution↗2019-03-01

▶

Metasploit

WordPress Crop-image Shell Upload↗

▶

📋Vendor Advisories

Debian

CVE-2019-8942: wordpress - WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because...↗2019

▶

🕵️Threat Intelligence

Unit42

Network Attack Trends: Internet of Threats (November 2020-January 2021)↗2021-04-12

▶

Unit42

Network Attack Trends: Internet of Threats (November 2020-January 2021)↗2021-04-12

▶

Trendmicro

Remote Code Execution-Sicherheitslücken in WordPress↗2019-03-01

▶

Trendmicro

Wordpress: Analyzing CVE-2019-8942 and CVE-2019-8943↗2019-02-26

▶

Trendmicro

Wordpress: Analyzing CVE-2019-8942 and CVE-2019-8943↗2019-02-26

▶

💬Community

Bugzilla

CVE-2019-8942 wordpress: Author users can execute arbitrary code by leveraging path traversal↗2019-02-20

▶

Bugzilla

CVE-2019-8942 CVE-2019-8943 wordpress: various flaws [fedora-all]↗2019-02-20

▶

Bugzilla

CVE-2019-8942 CVE-2019-8943 wordpress: various flaws [epel-all]↗2019-02-20

▶