Affected Plugin: WP Upload Restriction
Plugin Slug: wp-upload-restriction
Affected Versions: <= 2.2.3
CVE ID: CVE-2021-34625
CVSS Score: 6.4 (Medium)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Researcher/s: Angelo Righi
Fully Patched Version: No patch available, plugin closed for download.
Recommended Remediation: Uninstall plugin.

Missing access control in the saveCustomType function allows authenticated users, such as subscribers, to add MIME types and extensions through unsanitized parameters, which makes it possible to inject malicious web scripts that later execute when an administrator visits the extensions page.
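The advisory describes three controls absent from the save handler: a capability check, request verification, and sanitization of the extension and MIME-type parameters, with the stored values later rendered unescaped on an admin page. The following is an added example of how a hardened WordPress AJAX handler for the same job looks; it is not the plugin's code and not Wordfence's, and the action name, option name, parameter names and function names (example_save_custom_type, example_custom_types, etc.) are assumptions chosen for illustration.

```php
<?php
// Added example, not the plugin's own code. Hypothetical hardened AJAX handler
// for saving a custom upload type. Each numbered block is one of the controls
// whose absence leads to a stored-XSS condition of the kind the advisory describes.

add_action( 'wp_ajax_example_save_custom_type', 'example_save_custom_type' );

function example_save_custom_type() {
    // 1. Access control: only users allowed to manage settings may add types.
    //    Without this, any logged-in role (e.g. subscriber) can reach the handler.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions.' ), 403 );
    }

    // 2. Request verification: the request must carry a valid nonce for this action
    //    (nonce field name 'nonce' is an assumption).
    check_ajax_referer( 'example_save_custom_type', 'nonce' );

    // 3. Input validation: the extension and MIME type must match a strict shape.
    //    sanitize_key() lowercases and strips to [a-z0-9_-]; sanitize_mime_type()
    //    keeps only characters valid in a MIME type. The regexes then enforce the
    //    exact form we are willing to store, rejecting anything else outright.
    $extension = isset( $_POST['extension'] ) ? sanitize_key( wp_unslash( $_POST['extension'] ) ) : '';
    $mime      = isset( $_POST['mime'] ) ? sanitize_mime_type( wp_unslash( $_POST['mime'] ) ) : '';

    if ( '' === $extension || ! preg_match( '/^[a-z0-9]{1,10}$/', $extension ) ) {
        wp_send_json_error( array( 'message' => 'Invalid extension.' ), 400 );
    }
    if ( '' === $mime || ! preg_match( '#^[a-z0-9.+-]+/[a-z0-9.+-]+$#', $mime ) ) {
        wp_send_json_error( array( 'message' => 'Invalid MIME type.' ), 400 );
    }

    $types               = get_option( 'example_custom_types', array() );
    $types[ $extension ] = $mime;
    update_option( 'example_custom_types', $types );

    wp_send_json_success( array( 'extension' => $extension, 'mime' => $mime ) );
}

// 4. Output escaping: the admin page renders stored values through esc_html(),
//    so a value that somehow reached the database is shown as text, never as markup.
function example_render_custom_types_table() {
    $types = get_option( 'example_custom_types', array() );
    echo '<table class="widefat"><thead><tr><th>Extension</th><th>MIME type</th></tr></thead><tbody>';
    foreach ( $types as $extension => $mime ) {
        printf( '<tr><td>%s</td><td>%s</td></tr>', esc_html( $extension ), esc_html( $mime ) );
    }
    echo '</tbody></table>';
}
```

Validation on input and escaping on output are independent layers: the first keeps unwanted values out of the option, the second guarantees that whatever is in the option cannot execute in an administrator's browser even if validation is later weakened. The capability and nonce checks are what the advisory's "missing access control" refers to; without them the handler is reachable by any authenticated user.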

References

https://www.wordfence.com/vulnerability-advisories/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34661