Vulnerability Details : CVE-2021-29447
Potential exploit
WordPress is an open source CMS. A user with the ability to upload files (such as an Author) can exploit an XML parsing issue in the Media Library, leading to XXE attacks. This requires the WordPress installation to be running on PHP 8. A successful XXE attack allows access to internal files. This has been patched in WordPress version 5.7.1, and in the older affected versions via a minor release. We strongly recommend you keep auto-updates enabled.
Vulnerability category: XML external entity (XXE) injection
Products affected by CVE-2021-29447
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*
Threat overview for CVE-2021-29447
Top open port discovered on systems with this issue: 80
IPs affected by CVE-2021-29447: 7
Threat actors abusing this issue? Yes
Exploit prediction scoring system (EPSS) score for CVE-2021-29447
33.25%: probability of exploitation activity in the next 30 days
~97%: percentile, i.e. the proportion of vulnerabilities that are scored at or below this EPSS score
CVSS scores for CVE-2021-29447
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
| 4.0 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:N/A:N | 8.0 | 2.9 | NIST | |
| 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 2.8 | 3.6 | NIST | |
| 7.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N | 2.8 | 4.2 | GitHub, Inc. | |
CWE ids for CVE-2021-29447
- The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

Assigned by:
- nvd@nist.gov (Secondary)
- security-advisories@github.com (Primary)
References for CVE-2021-29447
- https://www.debian.org/security/2021/dsa-4896 (Third Party Advisory)
- https://blog.sonarsource.com/wordpress-xxe-security-vulnerability/ : WordPress 5.7 XXE Vulnerability (Exploit; Third Party Advisory)
- http://packetstormsecurity.com/files/164198/WordPress-5.7-Media-Library-XML-Injection.html : WordPress 5.7 Media Library XML Injection, Packet Storm (Exploit; Third Party Advisory; VDB Entry)
- https://wordpress.org/news/category/security/ : News, Security, WordPress.org (Release Notes; Vendor Advisory)
- https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-rv47-pc52-qrhh : WordPress: Authenticated XXE attack when installation is running PHP 8, GitHub Advisory, WordPress/wordpress-develop (Third Party Advisory)
- http://packetstormsecurity.com/files/163148/XML-External-Entity-Via-MP3-File-Upload-On-WordPress.html : XML External Entity Via MP3 File Upload On WordPress, Packet Storm (Third Party Advisory; VDB Entry)
- https://lists.debian.org/debian-lts-announce/2021/04/msg00017.html : [SECURITY] [DLA 2630-1] wordpress security update (Mailing List; Third Party Advisory)