WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.21 - Unauthenticated Arbitrary File Upload vulnerability

🗓️ 18 Nov 2024 07:31:19Reported by Rein Daelman (trein)Type

patchstack

patchstack🔗 patchstack.com👁 6 Views

Unauthenticated file upload in WordPress Backup and Staging by WP Time Capsule plugin <=1.22.21.

Reporter	Title	Published	Views	Family All 21
GithubExploit	Exploit for Unrestricted Upload of File with Dangerous Type in Revmakx Backup_And_Staging_By_Wp_Time_Capsule	21 Nov 202404:01	–	githubexploit
GithubExploit	Exploit for Unrestricted Upload of File with Dangerous Type in Revmakx Backup_And_Staging_By_Wp_Time_Capsule	16 Nov 202420:04	–	githubexploit
GithubExploit	Exploit for Unrestricted Upload of File with Dangerous Type in Revmakx Backup_And_Staging_By_Wp_Time_Capsule	4 Feb 202618:05	–	githubexploit
Circl	CVE-2024-8856	16 Nov 202406:52	–	circl
CNNVD	WordPress plugin Backup and Staging by WP Time Capsule 代码问题漏洞	16 Nov 202400:00	–	cnnvd
CVE	CVE-2024-8856	16 Nov 202404:29	–	cve
Cvelist	CVE-2024-8856 Backup and Staging by WP Time Capsule <= 1.22.21 - Unauthenticated Arbitrary File Upload	16 Nov 202404:29	–	cvelist
Exploit DB	Backup and Staging by WP Time Capsule 1.22.21 - Unauthenticated Arbitrary File Upload	6 Apr 202500:00	–	exploitdb
Metasploit	WordPress WP Time Capsule Arbitrary File Upload to RCE	13 Dec 202418:55	–	metasploit
Nuclei	WP Time Capsule Plugin - Remote Code Execution	3 Jun 202606:04	–	nuclei

Vulners

Node

wordpress backup_and_staging_by_wp_time_capsuleRange≤1.22.21

Source	Link
wordfence	www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wp-time-capsule/backup-and-staging-by-wp-time-capsule-12221-unauthenticated-arbitrary-file-upload

18 Nov 2024 07:31Current

7High risk

Vulners AI Score7

CVSS 3.19.8

EPSS0.93149

SSVC

WordPress backup WordPress staging arbitrary file upload unauthenticated access time capsule plugin