Published: 14/09/2017 Updated: 27/09/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability in wordpress plugin webapp-builder v2.0, The plugin includes unlicensed vulnerable CMS software from www.invedion.com/

Vulnerable Product	Search on Vulmon	Subscribe to Product
webapp-builder project webapp-builder 2.0

WordPress plugins Zen App Mobile Native versions 30 and below, webapp-builder version 20, wp2android-turn-wp-site-into-android-app version 114, mobile-app-builder-by-wappress version 105, and mobile-friendly-app-builder-by-easytouch version 30 suffer from a remote shell upload vulnerability ...

import requests import random import string print "---------------------------------------------------------------------" print "Multiple Wordpress Plugin - Remote File Upload Exploit\nDiscovery: Larry W Cashdollar\nExploit Author: Munir Njiru\nCWE: 434\n\n1 Zen App Mobile Native <=30 (CVE-2017-6104)\n2 Wordpress Plugin webapp-builder v20 ...

CWE-434 https://wordpress.org/plugins-wp/webapp-builder/http://www.vapidlabs.com/advisory.php?v=181 https://www.exploit-db.com/exploits/41540/http://www.securityfocus.com/bid/96906 https://nvd.nist.gov https://packetstormsecurity.com/files/141676/WordPress-Multiple-Plugin-File-Upload.html https://www.exploit-db.com/exploits/41540/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-1002002

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect