CVE-2021-24254

College Publisher Import <= 0.1 - Arbitrary File Upload to RCE

EPSS 1.8%CWE-434

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 1.8%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

05 May 2021Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

The College publisher Import WordPress plugin through 0.1 does not check for the uploaded CSV file to import, allowing high privilege users to upload arbitrary files, such as PHP, leading to RCE. Due to the lack of CSRF check, the issue could also be exploited via a CSRF attack.

Affected products

Unknown · College publisher Import

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/jinhuang1102/CVE-ID-Reports/blob/master/College%20Puglisher%20Import.md https://wpscan.com/vulnerability/bb3e56dd-ae2e-45c2-a6c9-a59ae5fc1dc4