Unrated severityNVD Advisory· Published Jun 1, 2021· Updated Aug 3, 2024
External Media < 1.0.34 - Authenticated Arbitrary File Upload
CVE-2021-24311
Description
The wp_ajax_upload-remote-file AJAX action of the External Media WordPress plugin before 1.0.34 was vulnerable to arbitrary file uploads via any authenticated users.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/External Mediadescription
- Range: <1.0.34
Patches
Vulnerability mechanics
References
2- wpscan.com/vulnerability/4fb90999-6f91-4200-a0cc-bfe9b34a5de9mitrex_refsource_CONFIRM
- www.wordfence.com/blog/2021/05/critical-vulnerability-patched-in-external-media-plugin/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.