CVE-2021-34639 — Reliance on File Name or Extension of Externally-Supplied File in Eden INC Wordpress Download Manager

CWE-646 — Reliance on File Name or Extension of Externally-Supplied File CWE-434 — Unrestricted File Upload3 documents3 sources

Severity

8.8HIGHNVD

CNA7.5

EPSS

0.3%

top 51.37%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

W3 Eden INC Wordpress Download Manager W3eden Download Manager

Timeline

PublishedAug 5

Latest updateMay 24

Description

Authenticated File Upload in WordPress Download Manager <= 3.1.24 allows authenticated (Author+) users to upload files with a double extension, e.g. "payload.php.png" which is executable in some configurations. This issue affects: WordPress Download Manager version 3.1.24 and prior versions.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5w3_eden_inc/wordpress_download_manager3.1.24 — 3.1.24

▶NVDw3eden/download_manager3.1.24

🔴Vulnerability Details

GHSA

GHSA-w5w3-25g6-2m2x: Authenticated File Upload in WordPress Download Manager <= 3↗2022-05-24

▶

CVEList

WordPress Download Manager <= 3.1.24 Authenticated Arbitrary File Upload↗2021-08-05

▶