CVE-2021-24252 Information

Description

The Event Banner WordPress plugin through 1.3 does not verify the uploaded image file, allowing admin accounts to upload arbitrary files such as .exe, .php or other executables, leading to RCE. Due to the lack of a CSRF check, the issue can also be exploited via that vector to achieve the same result, or via an LFI, as authorisation checks are missing (but this would require WP to be loaded).

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Reference

https://github.com/jinhuang1102/CVE-ID-Reports/blob/master/Event%20Banner.md
https://wpscan.com/vulnerability/91e81c6d-f24d-4f87-bc13-746715af8f7c

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction Required

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

7.2

Base Severity

HIGH