Lucene search

WPScanCVE-2023-0477

HistoryMar 13, 2023 - 5:15 p.m.

CVE-2023-0477

2023-03-1317:15:12

CWE-434

WPScan

web.nvd.nist.gov

cve-2023-0477

wordpress plugin

file upload vulnerability

security

nvd

php files

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.7

Confidence

High

EPSS

0.001

Percentile

36.5%

JSON

The Auto Featured Image (Auto Post Thumbnail) WordPress plugin before 3.9.16 includes an AJAX endpoint that allows any user with at least Author privileges to upload arbitrary files, such as PHP files. This is caused by incorrect file extension validation.

Affected configurations

Nvd

Vulners

Node

cm-wpauto_featured_imageRange<3.9.16wordpress

VendorProductVersionCPE
cm-wpauto_featured_image*cpe:2.3:a:cm-wp:auto_featured_image:*:*:*:*:*:wordpress:*:*

Vendor	Product	Version	CPE
cm-wp	auto_featured_image	*	cpe:2.3:a:cm-wp:auto_featured_image::::::wordpress::*

CNA Affected

[
  {
    "vendor": "Unknown",
    "product": "Auto Featured Image (Auto Post Thumbnail)",
    "versions": [
      {
        "status": "affected",
        "versionType": "custom",
        "version": "0",
        "lessThan": "3.9.16"
      }
    ],
    "defaultStatus": "unaffected",
    "collectionURL": "https://wordpress.org/plugins"
  }
]

References

wpscan.com/vulnerability/e5ef74a2-e04a-4a14-bd0e-d6910cd1c4b4

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.7

Confidence

High

EPSS

0.001

Percentile

36.5%

JSON

Related for CVE-2023-0477