vendor/elfinder/php/connector.minimal.php in the secure-file-manager plugin through 2.5 for WordPress loads elFinder code without proper access control. Thus, any authenticated user can run the elFinder upload command to achieve remote code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
References
| Link | Resource |
|---|---|
| https://blog.nintechnet.com/authenticated-rce-vulnerability-in-wordpress-secure-file-manager-plugin-unpatched/ | Exploit Third Party Advisory |
| https://wordpress.org/plugins/secure-file-manager/#developers | Product Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-12-14T02:20:27
Updated: 2024-06-11T15:19:03.762Z
Reserved: 2020-12-14T00:00:00
Link: CVE-2020-35235
NVD Information
Status: Modified
Published: 2020-12-14T03:15:13.370
Modified: 2024-06-11T16:15:15.590
Link: CVE-2020-35235
Redhat Information
No data.
CWE