8.8

CVE-2019-8942

Exploit

WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943.

Data is provided by the National Vulnerability Database (NVD)
Affected products

Vendor     Product        Version    Update
Wordpress  Wordpress      < 4.9.9
Wordpress  Wordpress      5.0        -
Wordpress  Wordpress      5.0        beta1
Wordpress  Wordpress      5.0        beta2
Wordpress  Wordpress      5.0        beta3
Wordpress  Wordpress      5.0        beta4
Wordpress  Wordpress      5.0        beta5
Wordpress  Wordpress      5.0        rc1
Wordpress  Wordpress      5.0        rc2
Wordpress  Wordpress      5.0        rc3
Debian     Debian Linux   9.0
No CISA KEV entry or CERT.AT advisory was found for this CVE.
EPSS metrics

Type  Source     Score   Percentile
EPSS  FIRST.org  92.72%  0.997
CVSS metrics

Source        Base Score  Exploit Score  Impact Score  Vector string
nvd@nist.gov  8.8         2.8            5.9           CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov  6.5         8.0            6.4           AV:N/AC:L/Au:S/C:P/I:P/A:P
CWE-434 Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.