mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-28 03:02:23 +02:00
0xMarcio
1.0 KiB
1.0 KiB
CVE-2021-24248
Description
The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11.1 did not properly check for imported files, forbidding certain extension via a blacklist approach, allowing administrator to import an archive with a .php4 inside for example, leading to RCE
POC
Reference
- https://wpscan.com/vulnerability/ca886a34-cd2b-4032-9de1-8089b5cf3001
- https://wpscan.com/vulnerability/ca886a34-cd2b-4032-9de1-8089b5cf3001
Github
No PoCs found on GitHub currently.