Lucene search
WPScanCVELIST:CVE-2021-24179HistoryMay 05, 2021 - 6:39 p.m.
CVE-2021-24179 Business Directory Plugin < 5.11 - Arbitrary File Upload to RCE
2021-05-0518:39:42
CWE-352
WPScan
www.cve.org
The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11 suffered from a Cross-Site Request Forgery issue, allowing an attacker to make a logged in administrator import files. As the plugin also did not validate uploaded files, it could lead to RCE.
CNA Affected
[
{
"product": "Business Directory Plugin – Easy Listing Directories for WordPress",
"vendor": "Business Directory Team",
"versions": [
{
"lessThan": "5.11",
"status": "affected",
"version": "5.11",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2021-24179
2021-05-06 13:15:11
wpexploit
wpexploit
Business Directory Plugin < 5.11 - Arbitrary File Upload to RCE
2021-04-11 00:00:00
cve
cve
CVE-2021-24179
2021-05-06 13:15:11
prion
prion
Cross site request forgery (csrf)
2021-05-06 13:15:00
wpvulndb
wpvulndb
Business Directory Plugin < 5.11 - Arbitrary File Upload to RCE
2021-04-11 00:00:00
patchstack
patchstack