Vulnerability Description
The Advanced Contact form 7 DB WordPress plugin before 1.8.7 does not have authorisation nor CSRF checks in the acf7_db_edit_scr_file_delete AJAX action, and does not validate the file to be deleted, allowing any authenticated user to delete arbitrary files on the web server. For example, removing the wp-config.php allows attackers to trigger WordPress setup again, gain administrator privileges and execute arbitrary code or display arbitrary content to the users.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vsourz | Advanced Cf7 Db | < 1.8.7 |
Related Weaknesses (CWE)
References
- https://wpscan.com/vulnerability/cf022415-6614-4b95-913b-802186766ae6ExploitThird Party Advisory
- https://wpscan.com/vulnerability/cf022415-6614-4b95-913b-802186766ae6ExploitThird Party Advisory
FAQ
What is CVE-2021-24905?
CVE-2021-24905 is a vulnerability with a CVSS score of 8.0 (HIGH). The Advanced Contact form 7 DB WordPress plugin before 1.8.7 does not have authorisation nor CSRF checks in the acf7_db_edit_scr_file_delete AJAX action, and does not validate the file to be deleted, ...
How severe is CVE-2021-24905?
CVE-2021-24905 has been rated HIGH with a CVSS base score of 8.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-24905?
Check the references section above for vendor advisories and patch information. Affected products include: Vsourz Advanced Cf7 Db.