Vulnerability Details CVE-2021-24947
The RVM WordPress plugin before 6.4.2 does not have proper authorisation, CSRF checks and validation of the rvm_upload_regions_file_path parameter in the rvm_import_regions AJAX action, allowing any authenticated user, such as a subscriber, to read arbitrary files on the web server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.106
EPSS Ranking 93.0%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
Products affected by CVE-2021-24947
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:-
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:1.0
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:1.1
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:1.2
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:2.0
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:2.1
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:2.5
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:2.5.1
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:2.6
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:2.7
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:3.0
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:3.1
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:4.0
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:5.0
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:5.1
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:5.3.1
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:5.3.2
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:5.5.3
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:5.6.4
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:5.6.5
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:5.6.6
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:5.6.9
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:5.7.1
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:5.7.2
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:5.8.2
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:5.9.3
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:5.9.4
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:5.9.5
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:5.9.7
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:5.9.8
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:6.0.0
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:6.1.1
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:6.1.2
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:6.2.4
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:6.3.6
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:6.3.8
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:6.3.9
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:6.4.0
- cpe:2.3:a:thinkupthemes:responsive_vector_maps:6.4.1