Lucene search
KhanhWPVDB-ID:F42CC26B-9AAB-4824-8168-B5B8571D1610HistoryJan 29, 2021 - 12:00 a.m.
Modern Events Calendar Lite < 5.16.5 - Authenticated Arbitrary File Upload leading to RCE
2021-01-2900:00:00
khanh
wpscan.com
9
The plugin did not properly check the imported file, allowing PHP ones to be uploaded by administrator by using the ‘text/csv’ content-type in the request. The issue could also be exploited via a CRSF attack, as such check was also missing.
PoC
https://drive.google.com/file/d/1qQfqnQOObBOmCFTTw1uGYmwxWe6uljhb/view?usp=sharing Uploaded file will be at /wp-content/uploads/aa.php
| CPE | Name | Operator | Version |
|---|---|---|---|
| modern-events-calendar-lite | lt | 5.16.5 |
Related
wpexploit
wpexploit
nuclei
nuclei
checkpoint_advisories
checkpoint_advisories
zdt
zdt
cve
cve
CVE-2021-24145
2021-03-18 15:15:00
packetstorm
packetstorm
WordPress Modern Events Calendar 5.16.2 Shell Upload
2021-07-02 00:00:00
WordPress Modern Events Calendar Remote Code Execution
2021-07-26 00:00:00
prion
prion
Cross site request forgery (csrf)
2021-03-18 15:15:00
githubexploit
githubexploit
osv
osv
CVE-2021-24145
2021-03-18 15:15:15
exploitdb
exploitdb
rapid7blog
rapid7blog
Metasploit Wrap-Up
2021-07-30 18:04:33
Related for WPVDB-ID:F42CC26B-9AAB-4824-8168-B5B8571D1610