CVE-2021-47788

EUVD-2026-3005
WebsiteBaker 2.13.0 contains an authenticated remote code execution vulnerability that allows users with language editing permissions to execute arbitrary code. Attackers can exploit the language installation endpoint by manipulating language installation parameters to achieve remote code execution on the server.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
VulnCheckCNA
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 29%
Affected Products (NVD)
VendorProductVersion
websitebakerwebsitebaker
2.13.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://websitebaker.org/
https://www.exploit-db.com/exploits/50310
https://www.vulncheck.com/advisories/websitebaker-remote-code-execution-rce-authenticated
https://www.exploit-db.com/exploits/50310