Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2021-4436
HistoryFeb 05, 2024 - 9:15 a.m.

Design/Logic Flaw

2024-02-0509:15:00
PRIOn knowledge base
www.prio-n.com
6
3dprint lite
wordpress plugin
authorization
file upload
unauthenticated users
arbitrary files
security flaw
.htaccess
apache server

7.3 High

AI Score

Confidence

Low

0.188 Low

EPSS

Percentile

96.3%

JSON

The 3DPrint Lite WordPress plugin before 1.9.1.5 does not have any authorisation and does not check the uploaded file in its p3dlite_handle_upload AJAX action , allowing unauthenticated users to upload arbitrary file to the web server. However, there is a .htaccess, preventing the file to be accessed on Web servers such as Apache.

CPENameOperatorVersion
3dprint_litelt1.9.1.5

Related

nuclei 1
cve 1
thn 1
cvelist 1
nvd 1
nuclei
nuclei
3DPrint Lite < 1.9.1.5 - Arbitrary File Upload
2024-06-24 13:55:44
cve
cve
CVE-2021-4436
2024-02-05 09:15:43
thn
thn
Hacked WordPress Sites Abusing Visitors' Browsers for Distributed Brute-Force Attacks
2024-03-07 13:45:00
cvelist
cvelist
CVE-2021-4436 3DPrint Lite < 1.9.1.5 - Unauthenticated Arbitrary File Upload
2024-02-05 09:02:44
nvd
nvd
CVE-2021-4436
2024-02-05 09:15:43

7.3 High

AI Score

Confidence

Low

0.188 Low

EPSS

Percentile

96.3%

JSON
Related for PRION:CVE-2021-4436
nuclei1cve1thn1cvelist1nvd1