Vulnerability Details CVE-2021-24499
The Workreap WordPress theme before 2.2.2 AJAX actions workreap_award_temp_file_uploader and workreap_temp_file_uploader did not perform nonce checks, or validate that the request is from a valid user in any other way. The endpoints allowed for uploading arbitrary files to the uploads/workreap-temp directory. Uploaded files were neither sanitized nor validated, allowing an unauthenticated visitor to upload executable code such as php scripts.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.935
EPSS Ranking 99.8%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://packetstormsecurity.com/files/172876/WordPress-Workreap-2.2.2-Shell-Upload.html
- https://jetpack.com/2021/07/07/multiple-vulnerabilities-in-workreap-theme/
- https://wpscan.com/vulnerability/74611d5f-afba-42ae-bc19-777cdf2808cb
- http://packetstormsecurity.com/files/172876/WordPress-Workreap-2.2.2-Shell-Upload.html
- https://jetpack.com/2021/07/07/multiple-vulnerabilities-in-workreap-theme/
- https://wpscan.com/vulnerability/74611d5f-afba-42ae-bc19-777cdf2808cb
Products affected by CVE-2021-24499
-
cpe:2.3:a:amentotech:workreap:-
-
cpe:2.3:a:amentotech:workreap:1.0.1
-
cpe:2.3:a:amentotech:workreap:1.0.2
-
cpe:2.3:a:amentotech:workreap:1.0.3
-
cpe:2.3:a:amentotech:workreap:1.0.4
-
cpe:2.3:a:amentotech:workreap:1.0.5
-
cpe:2.3:a:amentotech:workreap:1.0.6
-
cpe:2.3:a:amentotech:workreap:1.0.7
-
cpe:2.3:a:amentotech:workreap:1.0.8
-
cpe:2.3:a:amentotech:workreap:1.0.9
-
cpe:2.3:a:amentotech:workreap:1.1.0
-
cpe:2.3:a:amentotech:workreap:1.1.1
-
cpe:2.3:a:amentotech:workreap:1.1.2
-
cpe:2.3:a:amentotech:workreap:1.1.3
-
cpe:2.3:a:amentotech:workreap:1.1.4
-
cpe:2.3:a:amentotech:workreap:1.1.5
-
cpe:2.3:a:amentotech:workreap:1.1.6
-
cpe:2.3:a:amentotech:workreap:1.1.7
-
cpe:2.3:a:amentotech:workreap:1.1.8
-
cpe:2.3:a:amentotech:workreap:1.1.9
-
cpe:2.3:a:amentotech:workreap:1.2.0
-
cpe:2.3:a:amentotech:workreap:1.2.1
-
cpe:2.3:a:amentotech:workreap:1.2.2
-
cpe:2.3:a:amentotech:workreap:1.2.3
-
cpe:2.3:a:amentotech:workreap:1.2.4
-
cpe:2.3:a:amentotech:workreap:1.2.5
-
cpe:2.3:a:amentotech:workreap:1.2.6
-
cpe:2.3:a:amentotech:workreap:1.2.7
-
cpe:2.3:a:amentotech:workreap:1.2.8
-
cpe:2.3:a:amentotech:workreap:1.2.9
-
cpe:2.3:a:amentotech:workreap:1.3.0
-
cpe:2.3:a:amentotech:workreap:1.3.1
-
cpe:2.3:a:amentotech:workreap:1.3.2
-
cpe:2.3:a:amentotech:workreap:1.3.3
-
cpe:2.3:a:amentotech:workreap:1.3.4
-
cpe:2.3:a:amentotech:workreap:1.3.5
-
cpe:2.3:a:amentotech:workreap:1.3.6
-
cpe:2.3:a:amentotech:workreap:1.3.7
-
cpe:2.3:a:amentotech:workreap:1.3.8
-
cpe:2.3:a:amentotech:workreap:1.3.9
-
cpe:2.3:a:amentotech:workreap:1.4.0
-
cpe:2.3:a:amentotech:workreap:1.4.1
-
cpe:2.3:a:amentotech:workreap:1.4.2
-
cpe:2.3:a:amentotech:workreap:1.4.3
-
cpe:2.3:a:amentotech:workreap:1.4.4
-
cpe:2.3:a:amentotech:workreap:1.4.5
-
cpe:2.3:a:amentotech:workreap:1.4.6
-
cpe:2.3:a:amentotech:workreap:1.4.7
-
cpe:2.3:a:amentotech:workreap:1.4.8
-
cpe:2.3:a:amentotech:workreap:1.4.9
-
cpe:2.3:a:amentotech:workreap:1.5.0
-
cpe:2.3:a:amentotech:workreap:1.5.1
-
cpe:2.3:a:amentotech:workreap:1.5.2
-
cpe:2.3:a:amentotech:workreap:1.5.3
-
cpe:2.3:a:amentotech:workreap:1.5.4
-
cpe:2.3:a:amentotech:workreap:1.5.6
-
cpe:2.3:a:amentotech:workreap:1.5.7
-
cpe:2.3:a:amentotech:workreap:1.5.8
-
cpe:2.3:a:amentotech:workreap:1.5.9
-
cpe:2.3:a:amentotech:workreap:1.6.0
-
cpe:2.3:a:amentotech:workreap:1.6.1
-
cpe:2.3:a:amentotech:workreap:1.6.2
-
cpe:2.3:a:amentotech:workreap:1.6.3
-
cpe:2.3:a:amentotech:workreap:1.6.4
-
cpe:2.3:a:amentotech:workreap:1.6.5
-
cpe:2.3:a:amentotech:workreap:1.6.6
-
cpe:2.3:a:amentotech:workreap:1.6.7
-
cpe:2.3:a:amentotech:workreap:1.6.8
-
cpe:2.3:a:amentotech:workreap:1.6.9
-
cpe:2.3:a:amentotech:workreap:1.7.0
-
cpe:2.3:a:amentotech:workreap:1.7.1
-
cpe:2.3:a:amentotech:workreap:1.7.2
-
cpe:2.3:a:amentotech:workreap:1.7.3
-
cpe:2.3:a:amentotech:workreap:1.7.4
-
cpe:2.3:a:amentotech:workreap:1.7.5
-
cpe:2.3:a:amentotech:workreap:1.7.6
-
cpe:2.3:a:amentotech:workreap:1.7.7
-
cpe:2.3:a:amentotech:workreap:1.7.8
-
cpe:2.3:a:amentotech:workreap:1.7.9
-
cpe:2.3:a:amentotech:workreap:1.8.0
-
cpe:2.3:a:amentotech:workreap:2.0
-
cpe:2.3:a:amentotech:workreap:2.1.1
-
cpe:2.3:a:amentotech:workreap:2.1.2
-
cpe:2.3:a:amentotech:workreap:2.1.3
-
cpe:2.3:a:amentotech:workreap:2.1.4
-
cpe:2.3:a:amentotech:workreap:2.1.5
-
cpe:2.3:a:amentotech:workreap:2.1.6
-
cpe:2.3:a:amentotech:workreap:2.1.7
-
cpe:2.3:a:amentotech:workreap:2.1.8
-
cpe:2.3:a:amentotech:workreap:2.1.9
-
cpe:2.3:a:amentotech:workreap:2.2.1