EPSS
Percentile
96.2%
Unauthenticated Arbitrary File Upload leading to Remote Code Execution (RCE) vulnerability discovered by Jin Huang in WordPress Imagements plugin (versions <= 1.2.5).
Plugin closed. Deactivate and delete.
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24236
github.com/jinhuang1102/CVE-ID-Reports/blob/105e6d7df6cae66fe461003827b6f27c508149fa/Imagement.md
wordpress.org/plugins/imagements/