CVE-2022-0537

Severity: 7.2 HIGH
EPSS: 0.9% (top 24.72%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Apr 4; latest update Apr 5

Description

The MapPress Maps for WordPress plugin before 2.73.13 allows a high-privileged user to bypass the DISALLOW_FILE_EDIT and DISALLOW_FILE_MODS settings and upload arbitrary files to the site through the "ajax_save" function. The file is written relative to the current theme's stylesheet directory, and a .php file extension is added. No validation is performed on the content of the file, triggering an RCE vulnerability by uploading a web shell. Further, the name parameter is not sanitized, allowing the pa

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.2 | Impact: 5.9

Affected Packages (2 packages)

Source: CVEList V5 | Package: unknown/mappress_maps_for_wordpress | Versions: 2.73.13, 2.73.13
Source: NVD | Package: mappresspro/mappress | Versions: < 2.73.13

🔴 Vulnerability Details (2)

GHSA: GHSA-5w72-p3x5-c825: The MapPress Maps for WordPress plugin before 2 (2022-04-05)
CVEList: MapPress Maps for WordPress < 2.73.13 - Admin+ File Upload to Remote Code Execution (2022-04-04)
Source: cvebase.io