Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2019-8942

UNKNOWN
Published 2019-02-20T03:00:00
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2019-8942. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

WordPress Vulnerability

Identified and analyzed by Wordfence

Software Type

Core

Patch Status

Patched

Published

February 19, 2019

Software Details

Software Name

WordPress

Software Slug

wordpress

Affected Versions

5.0 [*, 3.7) 4.8 - 4.8.7 4.9 - 4.9.8 3.7 - 3.7.27 3.8 - 3.8.27 3.9 - 3.9.25 4.0 - 4.0.24 4.1 - 4.1.24 4.2 - 4.2.21 4.3 - 4.3.17 4.4 - 4.4.16 4.5 - 4.5.15 4.6 - 4.6.12 4.7 - 4.7.11

Patched Versions

3.7.28 3.8.28 3.9.26 4.0.25 4.1.25 4.2.22 4.3.18 4.4.17 4.5.16 4.6.13 4.7.12 4.8.8 4.9.9 5.0.1

Remediation

Update to one of the following versions, or a newer patched version: 3.7.28, 3.8.28, 3.9.26, 4.0.25, 4.1.25, 4.2.22, 4.3.18, 4.4.17, 4.5.16, 4.6.13, 4.7.12, 4.8.8, 4.9.9, 5.0.1

References

https://www.wordfence.com/threat-intel/vulnerabilities/id/506d1518-658f-4deb-9c30-d0bce5ef9df4?source=api-prod

© Defiant Inc. Data provided by Wordfence.

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-rwhm-6hw4-9fgg

Advisory Details

WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2019-8942
WEB https://blog.ripstech.com/2019/wordpress-image-remote-code-execution
WEB https://lists.debian.org/debian-lts-announce/2019/03/msg00044.html
WEB https://wpvulndb.com/vulnerabilities/9222
WEB https://www.debian.org/security/2019/dsa-4401
WEB https://www.exploit-db.com/exploits/46511
WEB https://www.exploit-db.com/exploits/46662
WEB http://packetstormsecurity.com/files/152396/WordPress-5.0.0-crop-image-Shell-Upload.html
WEB http://www.rapid7.com/db/modules/exploit/multi/http/wp_crop_rce
WEB http://www.securityfocus.com/bid/107088

Advisory provided by GitHub Security Advisory Database. Published: May 13, 2022, Modified: May 13, 2022

References

https://wpvulndb.com/vulnerabilities/9222
https://www.exploit-db.com/exploits/46511/
http://www.securityfocus.com/bid/107088
https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/
https://www.debian.org/security/2019/dsa-4401
https://lists.debian.org/debian-lts-announce/2019/03/msg00044.html
http://packetstormsecurity.com/files/152396/WordPress-5.0.0-crop-image-Shell-Upload.html
http://www.rapid7.com/db/modules/exploit/multi/http/wp_crop_rce
https://www.exploit-db.com/exploits/46662/
Published: 2019-02-20T03:00:00
Last Modified: 2024-08-04T21:31:37.541Z
Copied to clipboard!