{"containers": {"cna": {"affected": [{"product": "Event Banner", "vendor": "Unknown", "versions": [{"lessThanOrEqual": "1.3", "status": "affected", "version": "1.3", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Jin Huang"}], "descriptions": [{"lang": "en", "value": "The Event Banner WordPress plugin through 1.3 does not verify the uploaded image file, allowing admin accounts to upload arbitrary files, such as .exe, .php, or others executable, leading to RCE. Due to the lack of CSRF check, the issue can also be used via such vector to achieve the same result, or via a LFI as authorisation checks are missing (but would require WP to be loaded)"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-05-05T18:39:43", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://wpscan.com/vulnerability/91e81c6d-f24d-4f87-bc13-746715af8f7c"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/jinhuang1102/CVE-ID-Reports/blob/master/Event%20Banner.md"}], "source": {"discovery": "UNKNOWN"}, "title": "Event Banner <= 1.3 - Arbitrary File Upload to RCE", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "contact@wpscan.com", "ID": "CVE-2021-24252", "STATE": "PUBLIC", "TITLE": "Event Banner <= 1.3 - Arbitrary File Upload to RCE"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Event Banner", "version": {"version_data": [{"version_affected": "<=", "version_name": "1.3", "version_value": "1.3"}]}}]}, "vendor_name": "Unknown"}]}}, "credit": [{"lang": "eng", "value": "Jin Huang"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Event Banner WordPress plugin through 1.3 does not verify the uploaded image file, allowing admin accounts to upload arbitrary files, such as .exe, .php, or others executable, leading to RCE. Due to the lack of CSRF check, the issue can also be used via such vector to achieve the same result, or via a LFI as authorisation checks are missing (but would require WP to be loaded)"}]}, "generator": "WPScan CVE Generator", "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-434 Unrestricted Upload of File with Dangerous Type"}]}]}, "references": {"reference_data": [{"name": "https://wpscan.com/vulnerability/91e81c6d-f24d-4f87-bc13-746715af8f7c", "refsource": "CONFIRM", "url": "https://wpscan.com/vulnerability/91e81c6d-f24d-4f87-bc13-746715af8f7c"}, {"name": "https://github.com/jinhuang1102/CVE-ID-Reports/blob/master/Event%20Banner.md", "refsource": "MISC", "url": "https://github.com/jinhuang1102/CVE-ID-Reports/blob/master/Event%20Banner.md"}]}, "source": {"discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T19:28:22.564Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://wpscan.com/vulnerability/91e81c6d-f24d-4f87-bc13-746715af8f7c"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/jinhuang1102/CVE-ID-Reports/blob/master/Event%20Banner.md"}]}]}, "cveMetadata": {"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2021-24252", "datePublished": "2021-05-05T18:39:43", "dateReserved": "2021-01-14T00:00:00", "dateUpdated": "2024-08-03T19:28:22.564Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wp-eventmanager:event_banner:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "E4FC3FEA-DDF9-4E75-A976-377415AE54B4", "versionEndIncluding": "1.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Event Banner WordPress plugin through 1.3 does not verify the uploaded image file, allowing admin accounts to upload arbitrary files, such as .exe, .php, or others executable, leading to RCE. Due to the lack of CSRF check, the issue can also be used via such vector to achieve the same result, or via a LFI as authorisation checks are missing (but would require WP to be loaded)"}, {"lang": "es", "value": "El plugin Event Banner WordPress versiones hasta 1.3, no verifica el archivo de imagen cargado, permitiendo que las cuentas de administrador cargar archivos arbitrarios, como .exe, .php u otros ejecutables, conllevando a RCE. Debido a una falta de comprobaci\u00f3n CSRF, el problema tambi\u00e9n  puede ser utilizado por medio de dicho vector para lograr el mismo resultado, o por medio de un LFI, ya que faltan las comprobaciones de autorizaci\u00f3n (pero requerir\u00eda WP que sea cargado)"}], "id": "CVE-2021-24252", "lastModified": "2024-11-21T05:52:41.510", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-05-06T13:15:11.757", "references": [{"source": "contact@wpscan.com", "tags": ["Broken Link"], "url": "https://github.com/jinhuang1102/CVE-ID-Reports/blob/master/Event%20Banner.md"}, {"source": "contact@wpscan.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/91e81c6d-f24d-4f87-bc13-746715af8f7c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://github.com/jinhuang1102/CVE-ID-Reports/blob/master/Event%20Banner.md"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/91e81c6d-f24d-4f87-bc13-746715af8f7c"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "contact@wpscan.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-434"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}