CVE-2020-25213

CriticalKnown Exploited

The File Manager (wp-file-manager) plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitrary PHP code because…

mitre·CWE-434·Published 2020-09-09

CVSS

9.8

EPSS

0.97

KEV

Yes

Exploits

cve.orgen

456 chars

The File Manager (wp-file-manager) plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension. This, for example, allows attackers to run the elFinder upload (or mkfile and put) command to write PHP code into the wp-content/plugins/wp-file-manager/lib/files/ directory. This was exploited in the wild in August and September 2020.

NVDen

456 chars

NVDes

516 chars

El complemento File Manager (wp-file-manager) versiones anteriores a 6.9 para WordPress, permite a atacantes remotos cargar y ejecutar código PHP arbitrario porque cambia el nombre de un archivo de conector elFinder de ejemplo no seguro para que tenga la extensión .php. Esto, por ejemplo, permite a atacantes ejecutar el comando elFinder upload (o mkfile y put) para escribir código PHP en el directorio wp-content/plugins/wp-file-manager/lib/files/. Esto fue explotado "in the wild" en agosto y Septiembre de 2020.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	cve.org	10.0	—	—	CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N
3.1	Primary	cve.org	10.0	—	—	CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Secondary	NVD	10.0	3.9	6.0	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H