The WordPress Popular Posts WordPress plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the ~/src/Image.php file which makes it possible for attackers with contributor level access and above to upload malicious files that can be used to obtain remote code execution, in versions up to and including 5.3.2.
Metrics
Affected Vendors & Products
References
History
Mon, 16 Sep 2024 19:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The WordPress Popular Posts WordPress plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the ~/src/Image.php file which makes it possible for attackers with contributor level access and above to upload malicious files that can be used to obtain remote code execution, in versions up to and including 5.3.2. | The WordPress Popular Posts WordPress plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the ~/src/Image.php file which makes it possible for attackers with contributor level access and above to upload malicious files that can be used to obtain remote code execution, in versions up to and including 5.3.2. |
MITRE
Status: PUBLISHED
Assigner: Wordfence
Published: 2021-11-17T17:44:23.922336Z
Updated: 2024-09-16T18:45:18.029Z
Reserved: 2021-10-14T00:00:00
Link: CVE-2021-42362
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-11-17T18:15:08.297
Modified: 2024-11-21T06:27:39.813
Link: CVE-2021-42362
Redhat
No data.