Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2021-24947
HistoryFeb 07, 2022 - 4:15 p.m.

Cross site request forgery (csrf)

2022-02-0716:15:00
PRIOn knowledge base
www.prio-n.com
5

6.3 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.7%

JSON

The RVM WordPress plugin before 6.4.2 does not have proper authorisation, CSRF checks and validation of the rvm_upload_regions_file_path parameter in the rvm_import_regions AJAX action, allowing any authenticated user, such as subscriber, to read arbitrary files on the web server

CPENameOperatorVersion
responsive_vector_mapslt6.4.2

Related

cvelist 1
wpexploit 1
wpvulndb 1
cve 1
patchstack 1
nvd 1
nuclei 1
kitploit 1
cvelist
cvelist
CVE-2021-24947 RVM - Responsive Vector Maps < 6.4.2 - Subscriber+ Arbitrary File Read
2022-02-07 15:47:14
wpexploit
wpexploit
RVM - Responsive Vector Maps < 6.4.2 - Subscriber+ Arbitrary File Read
2022-01-06 00:00:00
wpvulndb
wpvulndb
RVM - Responsive Vector Maps < 6.4.2 - Subscriber+ Arbitrary File Read
2022-01-06 00:00:00
cve
cve
CVE-2021-24947
2022-02-07 16:15:43
patchstack
patchstack
WordPress RVM – Responsive Vector Maps plugin <= 6.4.1 - Arbitrary File Read vulnerability
2022-01-06 00:00:00
nvd
nvd
CVE-2021-24947
2022-02-07 16:15:43
nuclei
nuclei
WordPress Responsive Vector Maps < 6.4.2 - Arbitrary File Read
2022-02-08 01:07:19
kitploit
kitploit
Wpgarlic - A Proof-Of-Concept WordPress Plugin Fuzzer
2022-04-25 21:30:00

6.3 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.7%

JSON
Related for PRION:CVE-2021-24947
cvelist1wpexploit1wpvulndb1cve1patchstack1nvd1nuclei1kitploit1