Lucene search
PRIOn knowledge basePRION:CVE-2021-24145HistoryMar 18, 2021 - 3:15 p.m.
Cross site request forgery (csrf)
2021-03-1815:15:00
PRIOn knowledge base
www.prio-n.com
5
Arbitrary file upload in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, did not properly check the imported file, allowing PHP ones to be uploaded by administrator by using the ‘text/csv’ content-type in the request.
| CPE | Name | Operator | Version |
|---|---|---|---|
| modern_events_calendar_lite | lt | 5.16.5 |
Related
packetstorm
packetstorm
WordPress Modern Events Calendar 5.16.2 Shell Upload
2021-07-02 00:00:00
WordPress Modern Events Calendar Remote Code Execution
2021-07-26 00:00:00
cvelist
cvelist
zdt
zdt
cve
cve
CVE-2021-24145
2021-03-18 15:15:15
checkpoint_advisories
checkpoint_advisories
nvd
nvd
CVE-2021-24145
2021-03-18 15:15:15
wpvulndb
wpvulndb
wpexploit
wpexploit
nuclei
nuclei
githubexploit
githubexploit
osv
osv
CVE-2021-24145
2021-03-18 15:15:15
exploitdb
exploitdb
rapid7blog
rapid7blog
Metasploit Wrap-Up
2021-07-30 18:04:33