Vulnerability Description
An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It made it possible for unauthenticated attackers to upload arbitrary files and achieve remote code execution. If a quiz question could be answered by uploading a file, only the Content-Type header was checked during the upload, and thus the attacker could use text/plain for a .php file.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Expresstech | Quiz And Survey Master | < 7.0.1 |
Related Weaknesses (CWE)
References
- https://wpscan.com/vulnerability/10349ExploitThird Party Advisory
- https://www.wordfence.com/blog/2020/08/critical-vulnerabilities-patched-in-quiz-ExploitThird Party Advisory
- https://wpscan.com/vulnerability/10349ExploitThird Party Advisory
- https://www.wordfence.com/blog/2020/08/critical-vulnerabilities-patched-in-quiz-ExploitThird Party Advisory
FAQ
What is CVE-2020-35949?
CVE-2020-35949 is a vulnerability with a CVSS score of 10.0 (CRITICAL). An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It made it possible for unauthenticated attackers to upload arbitrary files and achieve remote code execution. ...
How severe is CVE-2020-35949?
CVE-2020-35949 has been rated CRITICAL with a CVSS base score of 10.0/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2020-35949?
Check the references section above for vendor advisories and patch information. Affected products include: Expresstech Quiz And Survey Master.