CVE-2021-39352

EUVD-2021-25713
The Catch Themes Demo Import WordPress plugin is vulnerable to arbitrary file uploads via the import functionality found in the ~/inc/CatchThemesDemoImport.php file, in versions up to and including 1.7, due to insufficient file type validation. This makes it possible for an attacker with administrative privileges to upload malicious files that can be used to achieve remote code execution.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
WordfenceCNA
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 98%
Affected Products (NVD)
VendorProductVersion
catchpluginscatch_themes_demo_import
𝑥
≤ 1.7
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://packetstormsecurity.com/files/165207/WordPress-Catch-Themes-Demo-Import-1.6.1-Shell-Upload.html
http://packetstormsecurity.com/files/165463/WordPress-Catch-Themes-Demo-Import-Shell-Upload.html
https://github.com/BigTiger2020/word-press/blob/main/Catch%20Themes%20Demo%20Import.md
https://github.com/Hacker5preme/Exploits/tree/main/Wordpress/CVE-2021-39352
https://plugins.trac.wordpress.org/changeset/2617555/catch-themes-demo-import/trunk/inc/CatchThemesDemoImport.php
https://www.exploit-db.com/exploits/50580
https://www.wordfence.com/vulnerability-advisories/#CVE-2021-39352
http://packetstormsecurity.com/files/165207/WordPress-Catch-Themes-Demo-Import-1.6.1-Shell-Upload.html
http://packetstormsecurity.com/files/165463/WordPress-Catch-Themes-Demo-Import-Shell-Upload.html
https://github.com/BigTiger2020/word-press/blob/main/Catch%20Themes%20Demo%20Import.md
https://github.com/Hacker5preme/Exploits/tree/main/Wordpress/CVE-2021-39352
https://plugins.trac.wordpress.org/changeset/2617555/catch-themes-demo-import/trunk/inc/CatchThemesDemoImport.php
https://www.exploit-db.com/exploits/50580
https://www.wordfence.com/vulnerability-advisories/#CVE-2021-39352