CVE-2021-24962

CWE-22 — Path Traversal3 documents3 sources

Severity

8.8HIGH

EPSS

1.7%

top 17.64%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Unknown Wordpress File Upload Unknown Wordpress File Upload PRO Iptanus Wordpress File Upload +1 more

Timeline

PublishedMar 28

Latest updateMar 29

Description

The WordPress File Upload Free and Pro WordPress plugins before 4.16.3 allow users with a role as low as Contributor to perform path traversal via a shortcode argument, which can then be used to upload a PHP code disguised as an image inside the auto-loaded directory of the plugin, resulting in arbitrary code execution.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages4 packages

▶CVEListV5unknown/wordpress_file_upload4.16.3 — 4.16.3

▶NVDiptanus/wordpress_file_upload< 4.16.3

▶CVEListV5unknown/wordpress_file_upload_pro4.16.3 — 4.16.3

▶NVDiptanus/wordpress_file_upload_pro< 4.16.3

Patches

Patch: plugins.trac.wordpress.org ↗Patch: plugins.trac.wordpress.org ↗

🔴Vulnerability Details

GHSA

GHSA-x2qc-gfcm-c5m4: The WordPress File Upload Free and Pro WordPress plugins before 4↗2022-03-29

▶

CVEList

WordPress File Upload < 4.16.3 - Contributor+ Path Traversal to RCE↗2022-03-28

▶