8.8

CVE-2022-4949

Exploit

AdSanity < 1.8.2 - Authenticated Arbitrary File Upload

AdSanity < 1.8.2 - Authenticated Arbitrary File Upload

The AdSanity plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ajax_upload' function in versions up to, and including, 1.8.1. This makes it possible for authenticated attackers with Contributor+ level privileges to upload arbitrary files on the affected sites server which makes remote code execution possible.
Mögliche Gegenmaßnahme
AdSanity: Update to version 1.8.2, or a newer patched version
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AdsanitypluginAdsanity SwPlatformwordpress Version < 1.8.2
XenXen Version-
Weitere Schwachstelleninformationen
SystemWordPress Plugin
Produkt AdSanity
Version [*, 1.8.2)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.2% 0.802
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
security@wordfence.com 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-434 Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

http://www.openwall.com/lists/oss-security/2023/11/09/3
Mailing List
http://xenbits.xen.org/xsa/advisory-443.html
Patch
Third Party Advisory
https://blog.nintechnet.com/critical-vulnerability-in-wordpress-adsanity-plugin/
Exploit
https://www.wordfence.com/threat-intel/vulnerabilities/id/effd72d2-876d-4f8d-b1e4-5ab38eab401b?source=cve
Third Party Advisory
https://www.wordfence.com/threat-intel/vulnerabilities/id/effd72d2-876d-4f8d-b1e4-5ab38eab401b
Third Party Advisory