Skip to main content

Ajar in5 Embed CVE-2024-50473

CRITICAL
Unrestricted Upload of File with Dangerous Type (CWE-434)
2024-10-29 audit@patchstack.com
10.0
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
10.0 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
CVSS changed
Apr 23, 2026 - 15:22 NVD
10.0 (CRITICAL)
CVE Published
Oct 29, 2024 - 09:15 nvd
N/A

DescriptionCVE.org

Unrestricted Upload of File with Dangerous Type vulnerability in Ajar Productions Ajar in5 Embed ajar-productions-in5-embed allows Upload a Web Shell to a Web Server.This issue affects Ajar in5 Embed: from n/a through <= 3.1.3.

AnalysisAI

Unrestricted file upload in the Ajar in5 Embed WordPress plugin (versions up to and including 3.1.3) allows remote unauthenticated attackers to upload arbitrary files, including web shells, leading to full server compromise. The flaw carries a maximum CVSS score of 10.0 with scope change, and an EPSS of 61.50% (98th percentile) indicates a very high probability of near-term exploitation, though no public exploit or KEV listing was identified at time of analysis.

Technical ContextAI

Ajar in5 Embed (slug: ajar-productions-in5-embed) is a WordPress plugin that embeds in5-authored interactive content into WordPress sites. The root cause is CWE-434 (Unrestricted Upload of File with Dangerous Type), meaning the plugin's upload handler accepts file types without validating extension, MIME type, or content. In a PHP/WordPress environment, uploading a .php file (or polyglot) into a web-accessible directory yields direct script execution, turning a file write into remote code execution. The CVSS scope change (S:C) implies the impact reaches beyond the plugin into the underlying WordPress host and potentially shared hosting tenants.

Affected ProductsAI

Ajar Productions in5 Embed WordPress plugin (slug ajar-productions-in5-embed), all versions from an unspecified initial release through and including 3.1.3. No CPE string was provided in the input. The vulnerability was reported by Patchstack (audit@patchstack.com); no direct vendor advisory URL was included in the supplied references.

RemediationAI

No vendor-released patched version is identified in the available data - the affected range is documented as 'n/a through <= 3.1.3' with no fixed version stated, so administrators should treat this as 'patch availability unconfirmed' and check the Patchstack advisory database and the plugin page on wordpress.org for an updated release beyond 3.1.3. Until a confirmed fixed version is available, deactivate and remove the Ajar in5 Embed plugin from any WordPress installation (the safest control, with the trade-off of losing in5 embed functionality on affected pages), or block access to the plugin's upload endpoints at the web server or WAF layer (lower disruption but requires accurate endpoint identification). Additionally, restrict execution of PHP within wp-content/uploads via web server configuration to limit web shell execution even if a file is written, and audit the uploads directory for unexpected scripts deposited prior to remediation.

Share

CVE-2024-50473 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy