Vulnerability CVE-2021-39352
Published: 2021-10-21

Description:
The Catch Themes Demo Import WordPress plugin is vulnerable to arbitrary file uploads via the import functionality found in the ~/inc/CatchThemesDemoImport.php file, in versions up to and including 1.7, due to insufficient file type validation. This makes it possible for an attacker with administrative privileges to upload malicious files that can be used to achieve remote code execution.

See advisories in our WLB2 database:
Topic
Author
Date
High
WordPress Catch Themes Demo Import 1.6.1 Shell Upload
Ron Jost
11.12.2021
High
WordPress Catch Themes Demo Import Shell Upload
h00die
05.01.2022

Type:

CWE-434

 (Unrestricted Upload of File with Dangerous Type)

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.5/10
6.4/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Catchplugins -> Catch themes demo import 

 References:
https://plugins.trac.wordpress.org/changeset/2617555/catch-themes-demo-import/trunk/inc/CatchThemesDemoImport.php
https://github.com/BigTiger2020/word-press/blob/main/Catch%20Themes%20Demo%20Import.md
https://www.wordfence.com/vulnerability-advisories/#CVE-2021-39352
Copyright 2024, cxsecurity.com

 

Back to Top