8
CVE-2021-24905
- EPSS 0.72%
- Veröffentlicht 21.03.2022 19:15:08
- Zuletzt bearbeitet 21.11.2024 05:53:59
- Quelle contact@wpscan.com
- CVE-Watchlists
- Unerledigt
LoginAdvanced Contact form 7 DB < 1.8.7 - Subscriber+ Arbitrary File Deletion
Advanced Contact form 7 DB <= 1.8.6 - Authenticated Arbitrary File Deletion
The Advanced Contact form 7 DB WordPress plugin before 1.8.7 does not have authorisation nor CSRF checks in the acf7_db_edit_scr_file_delete AJAX action, and does not validate the file to be deleted, allowing any authenticated user to delete arbitrary files on the web server. For example, removing the wp-config.php allows attackers to trigger WordPress setup again, gain administrator privileges and execute arbitrary code or display arbitrary content to the users.
Mögliche Gegenmaßnahme
Advanced Contact form 7 DB: Update to version 1.8.7, or a newer patched version
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Vsourz ≫ Advanced Cf7 Db SwPlatformwordpress Version < 1.8.7
Weitere Schwachstelleninformationen
SystemWordPress Plugin
≫
Produkt
Advanced Contact form 7 DB
Version
[*, 1.8.7)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.72% | 0.49 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8 | 2.1 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6 | 6.8 | 6.4 |
AV:N/AC:M/Au:S/C:P/I:P/A:P
|
CWE-352 Cross-Site Request Forgery (CSRF)
The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
CWE-863 Incorrect Authorization
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
https://wpscan.com/vulnerability/cf022415-6614-4b95-913b-802186766ae6
https://www.wordfence.com/threat-intel/vulnerabilities/id/4891fd3f-563b-497a-a5d9-617f4862298b