CVE-2022-4949

Опубликовано: 07 июн. 2023

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

The AdSanity plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ajax_upload' function in versions up to, and including, 1.8.1. This makes it possible for authenticated attackers with Contributor+ level privileges to upload arbitrary files on the affected sites server which makes remote code execution possible.

Ссылки

http://www.openwall.com/lists/oss-security/2023/11/09/3
Mailing List
http://xenbits.xen.org/xsa/advisory-443.html
Patch
Third Party Advisory
https://blog.nintechnet.com/critical-vulnerability-in-wordpress-adsanity-plugin/
Exploit
https://www.wordfence.com/threat-intel/vulnerabilities/id/effd72d2-876d-4f8d-b1e4-5ab38eab401b?source=cve
Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/11/09/3
Mailing List
http://xenbits.xen.org/xsa/advisory-443.html
Patch
Third Party Advisory
https://blog.nintechnet.com/critical-vulnerability-in-wordpress-adsanity-plugin/
Exploit
https://www.wordfence.com/threat-intel/vulnerabilities/id/effd72d2-876d-4f8d-b1e4-5ab38eab401b?source=cve
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:adsanityplugin:adsanity:*:*:*:*:*:wordpress:*:*

Версия до 1.8.2 (исключая)

Конфигурация 2

cpe:2.3:o:xen:xen:-:*:*:*:*:*:*:*

EPSS

Процентиль: 91%

0.06268

Низкий

8.8 High

CVSS3

Дефекты

CWE-434

Связанные уязвимости

GHSA-v85g-h95p-h44c