Описание
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Tree Sitemap WordPress plugin before 2.9, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE.
Ссылки
- ExploitPatchThird Party Advisory
- ExploitPatchThird Party Advisory
Уязвимые конфигурации
EPSS
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
Связанные уязвимости
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Tree Sitemap WordPress plugin before 2.9, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE.
Уязвимость функции cp_plugins_do_button_job_later_callback плагина Tree Sitemap WordPress, позволяющая нарушителю выполнить произвольный код
EPSS
8.8 High
CVSS3
6.5 Medium
CVSS2