CVEs-PoC/2021/CVE-2021-44223.md

### [CVE-2021-44223](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44223)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

WordPress before 5.8 lacks support for the Update URI plugin header. This makes it easier for remote attackers to execute arbitrary code via a supply-chain attack against WordPress installations that use any plugin for which the slug satisfies the naming constraints of the WordPress.org Plugin Directory but is not yet present in that directory.

### POC

#### Reference
- https://vavkamil.cz/2021/11/25/wordpress-plugin-confusion-update-can-get-you-pwned/

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Afetter618/WordPress-PenTest
- https://github.com/namhikelo/Symfonos1-Vulnhub-CEH
- https://github.com/vavkamil/wp-update-confusion