The College publisher Import WordPress plugin through 0.1 does not check for the uploaded CSV file to import, allowing high privilege users to upload arbitrary files, such as PHP, leading to RCE. Due to the lack of CSRF check, the issue could also be exploited via a CSRF attack.
References
Link | Resource |
---|---|
https://github.com/jinhuang1102/CVE-ID-Reports/blob/master/College%20Puglisher%20Import.md | Exploit Third Party Advisory |
https://wpscan.com/vulnerability/bb3e56dd-ae2e-45c2-a6c9-a59ae5fc1dc4 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2021-05-06 13:15
Updated : 2024-02-28 18:28
NVD link : CVE-2021-24254
Mitre link : CVE-2021-24254
CVE.ORG link : CVE-2021-24254
JSON object : View
Products Affected
college_publisher_import_project
- college_publisher_import
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type