CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-4354

The PWA for WP & AMP for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pwaforwp_splashscreen_uploader function in versions up to, and including, 1.7.32. This makes it possible for authenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.057

EPSS Ranking 89.9%

CVSS Severity

CVSS v3 Score 8.8

References

Products affected by CVE-2021-4354

Magazine3 » Pwa For Wp & Amp » Version: N/A

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:-
Magazine3 » Pwa For Wp & Amp » Version: 1.0

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.0
Magazine3 » Pwa For Wp & Amp » Version: 1.0.1

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.0.1
Magazine3 » Pwa For Wp & Amp » Version: 1.0.2

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.0.2
Magazine3 » Pwa For Wp & Amp » Version: 1.0.3

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.0.3
Magazine3 » Pwa For Wp & Amp » Version: 1.0.3.1

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.0.3.1
Magazine3 » Pwa For Wp & Amp » Version: 1.0.4

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.0.4
Magazine3 » Pwa For Wp & Amp » Version: 1.0.5

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.0.5
Magazine3 » Pwa For Wp & Amp » Version: 1.0.6

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.0.6
Magazine3 » Pwa For Wp & Amp » Version: 1.0.7

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.0.7
Magazine3 » Pwa For Wp & Amp » Version: 1.0.7.1

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.0.7.1
Magazine3 » Pwa For Wp & Amp » Version: 1.0.8

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.0.8
Magazine3 » Pwa For Wp & Amp » Version: 1.0.9

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.0.9
Magazine3 » Pwa For Wp & Amp » Version: 1.1

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.1
Magazine3 » Pwa For Wp & Amp » Version: 1.2

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.2
Magazine3 » Pwa For Wp & Amp » Version: 1.2.1

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.2.1
Magazine3 » Pwa For Wp & Amp » Version: 1.3

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.3
Magazine3 » Pwa For Wp & Amp » Version: 1.3.1

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.3.1
Magazine3 » Pwa For Wp & Amp » Version: 1.3.2

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.3.2
Magazine3 » Pwa For Wp & Amp » Version: 1.4

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.4
Magazine3 » Pwa For Wp & Amp » Version: 1.5

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.5
Magazine3 » Pwa For Wp & Amp » Version: 1.5.1

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.5.1
Magazine3 » Pwa For Wp & Amp » Version: 1.6

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.6
Magazine3 » Pwa For Wp & Amp » Version: 1.7

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7
Magazine3 » Pwa For Wp & Amp » Version: 1.7.1

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.1
Magazine3 » Pwa For Wp & Amp » Version: 1.7.1.1

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.1.1
Magazine3 » Pwa For Wp & Amp » Version: 1.7.1.2

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.1.2
Magazine3 » Pwa For Wp & Amp » Version: 1.7.10

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.10
Magazine3 » Pwa For Wp & Amp » Version: 1.7.11

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.11
Magazine3 » Pwa For Wp & Amp » Version: 1.7.11.1

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.11.1
Magazine3 » Pwa For Wp & Amp » Version: 1.7.12

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.12
Magazine3 » Pwa For Wp & Amp » Version: 1.7.13

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.13
Magazine3 » Pwa For Wp & Amp » Version: 1.7.14

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.14
Magazine3 » Pwa For Wp & Amp » Version: 1.7.14.1

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.14.1
Magazine3 » Pwa For Wp & Amp » Version: 1.7.15

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.15
Magazine3 » Pwa For Wp & Amp » Version: 1.7.16

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.16
Magazine3 » Pwa For Wp & Amp » Version: 1.7.16.1

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.16.1
Magazine3 » Pwa For Wp & Amp » Version: 1.7.17

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.17
Magazine3 » Pwa For Wp & Amp » Version: 1.7.17.1

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.17.1
Magazine3 » Pwa For Wp & Amp » Version: 1.7.17.2

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.17.2
Magazine3 » Pwa For Wp & Amp » Version: 1.7.18

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.18
Magazine3 » Pwa For Wp & Amp » Version: 1.7.18.1

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.18.1
Magazine3 » Pwa For Wp & Amp » Version: 1.7.19

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.19
Magazine3 » Pwa For Wp & Amp » Version: 1.7.2

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.2
Magazine3 » Pwa For Wp & Amp » Version: 1.7.2.1

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.2.1
Magazine3 » Pwa For Wp & Amp » Version: 1.7.20

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.20
Magazine3 » Pwa For Wp & Amp » Version: 1.7.21

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.21
Magazine3 » Pwa For Wp & Amp » Version: 1.7.22

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.22
Magazine3 » Pwa For Wp & Amp » Version: 1.7.23

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.23
Magazine3 » Pwa For Wp & Amp » Version: 1.7.24

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.24
Magazine3 » Pwa For Wp & Amp » Version: 1.7.25

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.25
Magazine3 » Pwa For Wp & Amp » Version: 1.7.26

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.26
Magazine3 » Pwa For Wp & Amp » Version: 1.7.27

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.27
Magazine3 » Pwa For Wp & Amp » Version: 1.7.28

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.28
Magazine3 » Pwa For Wp & Amp » Version: 1.7.29

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.29
Magazine3 » Pwa For Wp & Amp » Version: 1.7.3

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.3
Magazine3 » Pwa For Wp & Amp » Version: 1.7.3.1

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.3.1
Magazine3 » Pwa For Wp & Amp » Version: 1.7.3.2

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.3.2
Magazine3 » Pwa For Wp & Amp » Version: 1.7.3.3

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.3.3
Magazine3 » Pwa For Wp & Amp » Version: 1.7.30

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.30
Magazine3 » Pwa For Wp & Amp » Version: 1.7.31

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.31
Magazine3 » Pwa For Wp & Amp » Version: 1.7.32

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.32
Magazine3 » Pwa For Wp & Amp » Version: 1.7.4

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.4
Magazine3 » Pwa For Wp & Amp » Version: 1.7.4.1

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.4.1
Magazine3 » Pwa For Wp & Amp » Version: 1.7.4.2

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.4.2
Magazine3 » Pwa For Wp & Amp » Version: 1.7.4.3

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.4.3
Magazine3 » Pwa For Wp & Amp » Version: 1.7.4.4

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.4.4
Magazine3 » Pwa For Wp & Amp » Version: 1.7.5

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.5
Magazine3 » Pwa For Wp & Amp » Version: 1.7.6

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.6
Magazine3 » Pwa For Wp & Amp » Version: 1.7.7

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.7
Magazine3 » Pwa For Wp & Amp » Version: 1.7.8

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.8
Magazine3 » Pwa For Wp & Amp » Version: 1.7.8.1

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.8.1
Magazine3 » Pwa For Wp & Amp » Version: 1.7.9

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.9
Magazine3 » Pwa For Wp & Amp » Version: 1.7.9.1

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.9.1
Magazine3 » Pwa For Wp & Amp » Version: 1.7.9.2

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.9.2
Magazine3 » Pwa For Wp & Amp » Version: 1.7.9.3

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.9.3
Magazine3 » Pwa For Wp & Amp » Version: 1.7.9.3.1

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.9.3.1
Magazine3 » Pwa For Wp & Amp » Version: 1.7.9.3.2

cpe:2.3:a:magazine3:pwa_for_wp_&_amp:1.7.9.3.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-4354

Products

Pricing

Contact Us