CVE-2021-24962

moderate-risk
Published 2022-03-28

The WordPress File Upload Free and Pro WordPress plugins before 4.16.3 allow users with a role as low as Contributor to perform path traversal via a shortcode argument, which can then be used to upload a PHP code disguised as an image inside the auto-loaded directory of the plugin, resulting in arbitrary code execution.

Do I need to act?

~
1.7% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10 High
NETWORK / LOW complexity

Affected Products (2)

Wordpress File Upload Pro

Affected Vendors

Iptanus

References (4)

Patch https://plugins.trac.wordpress.org/changeset/2677722
Exploit https://wpscan.com/vulnerability/7a95b3f2-285e-40e3-aead-41932c207623
Patch https://plugins.trac.wordpress.org/changeset/2677722
Exploit https://wpscan.com/vulnerability/7a95b3f2-285e-40e3-aead-41932c207623
41
/ 100
moderate-risk
Severity 30/34 · Critical
Exploitability 4/34 · Minimal
Exposure 7/34 · Low