Vulners
Lucene search
CVE-2021-24890
๐๏ธย 26 Sep 2022ย 12:35:29Reported byย WPScanTypeย 
ย cve๐ย web.nvd.nist.gov๐ฐ๏ธย 5ย Media mentions๐ย 55ย Views๐ WEB
| Reporter | Title | Published | Views | Family All 14 |
|---|---|---|---|---|
 | CVE-2021-24890 | 21 May 202519:42 | โ | circl |
 | WordPress plugin Scripts Organizer ๅฎๅ จๆผๆด | 26 Sep 202200:00 | โ | cnnvd |
 | WordPress Scripts Organizer Arbitrary File Upload Vulnerability | 28 Sep 202200:00 | โ | cnvd |
 | CVE-2021-24890 Scripts Organizer < 3.0 - Unauthenticated Arbitrary File Upload | 26 Sep 202212:35 | โ | cvelist |
 | EUVD-2021-11802 | 7 Oct 202500:30 | โ | euvd |
 | CVE-2021-24890 | 26 Sep 202213:15 | โ | nvd |
 | CVE-2021-24890 | 26 Sep 202213:15 | โ | osv |
 | WordPress Scripts Organizer premium plugin < 3.0 - Unauthenticated Arbitrary File Upload vulnerability | 5 Sep 202200:00 | โ | patchstack |
 | Cross site request forgery (csrf) | 26 Sep 202213:15 | โ | prion |
 | PT-2022-9492 ยท WordPress ยท Scripts Organizer | 26 Sep 202200:00 | โ | ptsecurity |
10
Node
[
{
"product": "scripts-organizer",
"vendor": "Unknown",
"versions": [
{
"lessThan": "3.0",
"status": "affected",
"version": "3.0",
"versionType": "custom"
}
]
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| php_script | request body | /wp-admin/admin-ajax.php | Unauthenticated arbitrary PHP code execution via the saveScript AJAX action due to missing capability/CSRF checks and lack of input validation. | CWE-862,ย CWE-352 |
| SCORG_enable_script | request body | /wp-admin/admin-ajax.php | Unauthenticated arbitrary PHP code execution via the saveScript AJAX action due to missing capability/CSRF checks and lack of input validation. | CWE-862,ย CWE-352 |
| form_data | request body | /wp-admin/admin-ajax.php | Unauthenticated arbitrary PHP code execution via the saveScript AJAX action due to missing capability/CSRF checks and lack of input validation. | CWE-862,ย CWE-352 |
Data
Build on a solid foundation withย Vulners data
Weย provide theย essential building blocks forย cybersecurity solutions withย comprehensive, structured, andย constantly updated vulnerability andย exploits data
Api
Power your application withย Vulners API
The Vulners REST API offers reliable, high-performance access toย vulnerabilityย intelligence, withย 99.9%ย SLAย uptime andย CDN-backed data delivery forย seamlessย global access
App
Assess and manage vulnerabilities withย Vulnersย tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
17 Jun 2026 03:41Current
8.7High risk
Vulners AI Score8.7
CVSS 3.18.8
EPSS0.00457
SSVC