Unauthenticated File upload wpDiscuz WordPress plugin RCE CVE-2020-24186 Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

15

Unauthenticated File upload wpDiscuz WordPress plugin RCE CVE-2020-24186 Scanner Detail

WordPress wpDiscuz plugin allows unauthenticated arbitrary file upload vulnerability.

A Remote Code Execution vulnerability exists in the gVectors wpDiscuz plugin 7.0 through 7.0.4 for WordPress, which allows unauthenticated users to upload any type of file, including PHP files via the wmuUploadFiles AJAX action.

Some Advice for Common Problems

Update your WordPress wpDiscuz plugin to the latest version to eliminate this vulnerability.

Need a Full Assessment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service