Security for everyone

CVE-2020-12800 Scanner

Detects 'Remote Code Execution (RCE)' vulnerability in Drag And Drop Multi File Uploader plugin for WordPress affects v. prior to 1.3.4.

SCAN NOW

Short Info

Level

Critical

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Domain, Ipv4

Parent Category

CVE-2020-12800 Scanner Detail

The Drag and Drop Multi File Uploader plugin is a WordPress plugin used to enable users to upload multiple files at once to their website. It’s a convenient tool for gathering information from website visitors, specifically for creating contact forms. This plugin is popular due to its ease of use and can help website owners improve their website’s user experience by providing an easy way for visitors to upload necessary files.

CVE-2020-12800 is a critical vulnerability that was detected in Drag and Drop Multi File Uploader plugin for versions before 1.3.4. The vulnerability allowed hackers to bypass the extension filter on uploaded files by appending a "%" sign to the file name. This malicious exploit facilitated the upload of PHP files that contained shell commands, enabling cybercriminals to execute malicious code on the targeted website.

When exploiting this vulnerability, cybercriminals could easily upload and execute malicious software on the victim's website. The worst-case scenario would be the complete control of the website, leading to loss of data, such as financial information of clients or visitors, and the compromise of the website’s integrity and reputation.

Thanks to the pro features of the securityforeveryone.com platform, users can easily and quickly learn about vulnerabilities in their digital assets. Our platform provides users with a gamut of security measures and functions that help them protect their digital assets online, preventing security breaches and data loss due to cyber-attacks such as CVE-2020-12800. Our experts use cutting-edge technology and advanced tools to safeguard websites against a range of cyber threats, so businesses and users can rest easy.  In conclusion, it is crucial to stay vigilant and proactive in defending your website from threats like CVE-2020-12800, and the securityforeveryone.com platform offers the necessary support to ensure you do just that.

 

REFERENCES

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture