Skip to main content

Event Banner

1 CVEs product

Monthly

CVE-2021-24252 HIGH POC This Week

The Event Banner WordPress plugin through 1.3 does not verify the uploaded image file, allowing admin accounts to upload arbitrary files, such as .exe, .php, or others executable, leading to RCE. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF WordPress PHP File Upload Event Banner
NVD GitHub WPScan
CVSS 3.1
7.2
EPSS
1.7%
EPSS 2% CVSS 7.2
HIGH POC This Week

The Event Banner WordPress plugin through 1.3 does not verify the uploaded image file, allowing admin accounts to upload arbitrary files, such as .exe, .php, or others executable, leading to RCE. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF WordPress PHP +2
NVD GitHub WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy