Vulnerability Details CVE-2021-24905
The Advanced Contact form 7 DB WordPress plugin before 1.8.7 does not have authorisation nor CSRF checks in the acf7_db_edit_scr_file_delete AJAX action, and does not validate the file to be deleted, allowing any authenticated user to delete arbitrary files on the web server. For example, removing the wp-config.php allows attackers to trigger WordPress setup again, gain administrator privileges and execute arbitrary code or display arbitrary content to the users.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.6%
CVSS Severity
CVSS v3 Score 8.0
CVSS v2 Score 6.0
References
Products affected by CVE-2021-24905
-
cpe:2.3:a:vsourz:advanced_cf7_db:-
-
cpe:2.3:a:vsourz:advanced_cf7_db:1.0.0
-
cpe:2.3:a:vsourz:advanced_cf7_db:1.1.0
-
cpe:2.3:a:vsourz:advanced_cf7_db:1.1.1
-
cpe:2.3:a:vsourz:advanced_cf7_db:1.1.3
-
cpe:2.3:a:vsourz:advanced_cf7_db:1.2.0
-
cpe:2.3:a:vsourz:advanced_cf7_db:1.3.0
-
cpe:2.3:a:vsourz:advanced_cf7_db:1.4.0
-
cpe:2.3:a:vsourz:advanced_cf7_db:1.4.1
-
cpe:2.3:a:vsourz:advanced_cf7_db:1.4.2
-
cpe:2.3:a:vsourz:advanced_cf7_db:1.4.3
-
cpe:2.3:a:vsourz:advanced_cf7_db:1.4.4
-
cpe:2.3:a:vsourz:advanced_cf7_db:1.5.0
-
cpe:2.3:a:vsourz:advanced_cf7_db:1.5.1
-
cpe:2.3:a:vsourz:advanced_cf7_db:1.6.0
-
cpe:2.3:a:vsourz:advanced_cf7_db:1.6.1
-
cpe:2.3:a:vsourz:advanced_cf7_db:1.6.2
-
cpe:2.3:a:vsourz:advanced_cf7_db:1.7.0
-
cpe:2.3:a:vsourz:advanced_cf7_db:1.7.1
-
cpe:2.3:a:vsourz:advanced_cf7_db:1.7.2
-
cpe:2.3:a:vsourz:advanced_cf7_db:1.8.0
-
cpe:2.3:a:vsourz:advanced_cf7_db:1.8.1
-
cpe:2.3:a:vsourz:advanced_cf7_db:1.8.2