How severe is CVE-2021-38346?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2021-38346?

This is classified as CWE-79, which is a common weakness in software security.

CVE-2021-38346 - HIGH Severity | CVSS 8.8

Vulnerability Description

The Brizy Page Builder plugin <= 2.3.11 for WordPress allowed authenticated users to upload executable files to a location of their choice using the brizy_create_block_screenshot AJAX action. The file would be named using the id parameter, which could be prepended with "../" to perform directory traversal, and the file contents were populated via the ibsf parameter, which would be base64-decoded and written to the file. While the plugin added a .jpg extension to all uploaded filenames, a double extension attack was still possible, e.g. a file named shell.php would be saved as shell.php.jpg, and would be executable on a number of common configurations.

Related Vulnerabilities

CVE-2007-4040

HIGH

CVSS:8.8(High)

Argument injection vulnerability involving Microsoft Outlook and Outlook Express, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbit...

CWE-792007

CVE-2013-4225

HIGH

CVSS:8.8(High)

The RESTful Web Services (restws) module 7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.1 for Drupal does not properly restrict access to entity write operations, which makes it easier for remote aut...

CWE-792013

CVE-2013-6364

HIGH

CVSS:8.8(High)

Horde Groupware Webmail Edition has CSRF and XSS when saving search as a virtual address book

CWE-792013

CVE-2017-12343

HIGH

CVSS:8.8(High)

Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a maliciou...

CWE-792017

CVE-2017-7666

HIGH

CVSS:8.8(High)

Apache OpenMeetings 1.0.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks, XSS attacks, click-jacking, and MIME based attacks.

CWE-792017

CVE-2017-8332

HIGH

CVSS:8.8(High)

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of blocking key words passing in the web traffic to p...

CWE-792017