Lucene search
WPScanCVELIST:CVE-2021-24155HistoryApr 05, 2021 - 6:27 p.m.
CVE-2021-24155 Backup Guard < 1.6.0 - Authenticated Arbitrary File Upload
2021-04-0518:27:42
CWE-434
WPScan
www.cve.org
0.963 High
EPSS
Percentile
99.5%
The WordPress Backup and Migrate Plugin – Backup Guard WordPress plugin before 1.6.0 did not ensure that the imported files are of the SGBP format and extension, allowing high privilege users (admin+) to upload arbitrary files, including PHP ones, leading to RCE.
CNA Affected
[
{
"product": "WordPress Backup and Migrate Plugin – Backup Guard",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.6.0",
"status": "affected",
"version": "1.6.0",
"versionType": "custom"
}
]
}
]Related
patchstack
patchstack
githubexploit
githubexploit
zdt
zdt
Wordpress Backup Guard 1.5.8 Plugin - Remote Code Execution (Authenticated) Exploit
2021-07-05 00:00:00
WordPress Backup Guard Authenticated Remote Code Execution Exploit
2021-07-21 00:00:00
cve
cve
CVE-2021-24155
2021-04-05 19:15:14
packetstorm
packetstorm
WordPress Backup Guard Authenticated Remote Code Execution
2021-07-21 00:00:00
WordPress Backup Guard 1.5.8 Shell Upload
2021-07-05 00:00:00
wpvulndb
wpvulndb
Backup Guard < 1.6.0 - Authenticated Arbitrary File Upload
2021-02-18 00:00:00
prion
prion
Format string
2021-04-05 19:15:00
nuclei
nuclei
WordPress BackupGuard <1.6.0 - Authenticated Arbitrary File Upload
2023-03-05 13:42:10
nvd
nvd
CVE-2021-24155
2021-04-05 19:15:14
wpexploit
wpexploit
Backup Guard < 1.6.0 - Authenticated Arbitrary File Upload
2021-02-18 00:00:00
exploitdb
exploitdb
Wordpress Plugin Backup Guard 1.5.8 - Remote Code Execution (Authenticated)
2021-07-05 00:00:00
rapid7blog
rapid7blog
Metasploit Wrap-Up
2021-07-23 19:39:14
checkpoint_advisories
checkpoint_advisories