Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2021-29447 — XML External Entity (XXE) Injection in Wordpress

CWE-611 — XML External Entity (XXE) Injection7 documents6 sources

Severity

6.5MEDIUMNVD

CNA7.1

EPSS

90.0%

top 0.42%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Wordpress Debian Wordpress Wordpress Wordpress-develop +1 more

Timeline

PublishedApr 15

Latest updateSep 20

Description

Wordpress is an open source CMS. A user with the ability to upload files (like an Author) can exploit an XML parsing issue in the Media Library leading to XXE attacks. This requires WordPress installation to be using PHP 8. Access to internal files is possible in a successful XXE attack. This has been patched in WordPress version 5.7.1, along with the older affected versions via a minor release. We strongly recommend you keep auto-updates enabled.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages4 packages

▶debiandebian/wordpress< wordpress 5.7.1+dfsg1-1 (bookworm)

▶NVDwordpress/wordpress5.6.0 — 5.7.1

▶Debianwordpress/wordpress< 5.7.1+dfsg1-1+3

▶CVEListV5wordpress/wordpress-develop>= 5.6.0, < 5.7.1

Also affects: Debian Linux 10.0, 9.0

🔴Vulnerability Details

CVEList

WordPress Authenticated XXE attack when installation is running PHP 8↗2021-04-15

▶

OSV

CVE-2021-29447: Wordpress is an open source CMS↗2021-04-15

▶

💥Exploits & PoCs

Exploit-DB

WordPress 5.7 - 'Media Library' XML External Entity Injection (XXE) (Authenticated)↗2021-09-20

▶

📋Vendor Advisories

Debian

CVE-2021-29447: wordpress - Wordpress is an open source CMS. A user with the ability to upload files (like a...↗2021

▶

📄Research Papers

CTF

easy / README↗

▶

CTF

MetaTwo / README↗

▶