Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.5
CVSSv2

CVE-2021-24155

Published: 05/04/2021 Updated: 03/12/2021
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2
VMScore: 580
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Subscribe to Backup Guard

Vulnerability Summary

The WordPress Backup and Migrate Plugin – Backup Guard WordPress plugin prior to 1.6.0 did not ensure that the imported files are of the SGBP format and extension, allowing high privilege users (admin+) to upload arbitrary files, including PHP ones, leading to RCE.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

backup-guard backup guard

Exploits

Exploit DB: WordPress Backup Guard 1.5.8 Shell Upload
WordPress Backup Guard plugin version 158 remote shell upload exploit ...

References

CWE-434https://wpscan.com/vulnerability/d442acac-4394-45e4-b6bb-adf4a40960fbhttp://packetstormsecurity.com/files/163382/WordPress-Backup-Guard-1.5.8-Shell-Upload.htmlhttp://packetstormsecurity.com/files/163623/WordPress-Backup-Guard-Authenticated-Remote-Code-Execution.htmlhttps://nvd.nist.govhttps://packetstormsecurity.com/files/163382/WordPress-Backup-Guard-1.5.8-Shell-Upload.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30051remoteCVE-2024-27954CVE-2023-51483CVE-2023-47782SSRFCVE-2024-24715CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook