Skip to main content

Simple Schools Staff Directory

1 CVEs product

Monthly

CVE-2021-24663 HIGH POC This Week

The Simple Schools Staff Directory WordPress plugin through 1.1 does not validate uploaded logo pictures to ensure that are indeed images, allowing high privilege users such as admin to upload. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress File Upload Simple Schools Staff Directory
NVD WPScan
CVSS 3.1
7.2
EPSS
1.4%
EPSS 1% CVSS 7.2
HIGH POC This Week

The Simple Schools Staff Directory WordPress plugin through 1.1 does not validate uploaded logo pictures to ensure that are indeed images, allowing high privilege users such as admin to upload. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress File Upload Simple Schools Staff Directory
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy