Lucene search
China National Vulnerability DatabaseCNVD-2022-69147HistoryMay 07, 2021 - 12:00 a.m.
WordPress College publisher Import plugin file upload vulnerability
2021-05-0700:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
0.001 Low
EPSS
Percentile
44.7%
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. College publisher Import is a plugin for WordPress. WordPress College publisher Import plugin 0.1 and earlier versions have a file upload vulnerability that stems from the plugin’s failure to check the uploaded CSV file to be imported, allowing an elevated privilege user to upload arbitrary files. An attacker could exploit this vulnerability to upload script files such as PHP files leading to remote code execution.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress wordpresscollege publisher import | le | 0.1 |
Related
prion
prion
Cross site request forgery (csrf)
2021-05-06 13:15:00
nvd
nvd
CVE-2021-24254
2021-05-06 13:15:11
wpexploit
wpexploit
College Publisher Import <= 0.1 - Arbitrary File Upload to RCE
2021-04-11 00:00:00
cve
cve
CVE-2021-24254
2021-05-06 13:15:11
cvelist
cvelist
wpvulndb
wpvulndb
College Publisher Import <= 0.1 - Arbitrary File Upload to RCE
2021-04-11 00:00:00
patchstack
patchstack