Vulnerabilities

CVE-2021-24981

December 27, 2021

The Directorist WordPress plugin before 7.0.6.2 was vulnerable to Cross-Site Request Forgery to Remote File Upload leading to arbitrary PHP shell uploads in the wp-content/plugins directory.

Summary:

The Directorist WordPress plugin before 7.0.6.2 was vulnerable to Cross-Site Request Forgery to Remote File Upload leading to arbitrary PHP shell uploads in the wp-content/plugins directory.

Reference Links(if available):

https://blog.sucuri.net/2021/11/fake-ransomware-infection-spooks-website-owners.html

https://wpscan.com/vulnerability/4c45df6d-b3f6-49e5-8b1f-edd32a12d71c

CVSS Score (if available)

v2: / MEDIUM

v3: /

Links to Exploits(if available)

Fortifying the Backbone: Cybersecurity for Critical Infrastructure

November 15, 2024

Bank of England U-Turns on Critical Third Party Vulnerability Disclosure Rules

November 15, 2024

Sitting Ducks DNS Attacks Threaten Over 1 Million Global Domains

November 15, 2024

API Security Threats: 83% of Companies Experience Security Incidents

November 15, 2024

Microsoft Power Pages: Misconfiguration Risks and Data Exposure

November 15, 2024

Summary:

Reference Links(if available):

CVSS Score (if available)

Links to Exploits(if available)

You may have missed

Fortifying the Backbone: Cybersecurity for Critical Infrastructure

Bank of England U-Turns on Critical Third Party Vulnerability Disclosure Rules

Sitting Ducks DNS Attacks Threaten Over 1 Million Global Domains

API Security Threats: 83% of Companies Experience Security Incidents

Microsoft Power Pages: Misconfiguration Risks and Data Exposure