Vulnerability Description
The Simple-File-List Plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.2.2 via the rename function which can be used to rename uploaded PHP code with a png extension to use a php extension. This allows unauthenticated attackers to execute code on the server.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Simplefilelist | Simple File List | < 4.2.3 |
Related Weaknesses (CWE)
References
- https://packetstormsecurity.com/files/160221/Exploit
- https://plugins.trac.wordpress.org/changeset/2286920/simple-file-listPatch
- https://wpscan.com/vulnerability/365da9c5-a8d0-45f6-863c-1b1926ffd574/ExploitThird Party Advisory
- https://www.cybersecurity-help.cz/vdb/SB2020042711Third Party Advisory
- https://www.wordfence.com/threat-intel/vulnerabilities/id/9eb835fd-6ebf-4162-856Third Party Advisory
- https://wpscan.com/vulnerability/365da9c5-a8d0-45f6-863c-1b1926ffd574/ExploitThird Party Advisory
FAQ
What is CVE-2020-36847?
CVE-2020-36847 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The Simple-File-List Plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.2.2 via the rename function which can be used to rename uploaded PHP code with a pn...
How severe is CVE-2020-36847?
CVE-2020-36847 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2020-36847?
Check the references section above for vendor advisories and patch information. Affected products include: Simplefilelist Simple File List.