Security Advisory

CVE-2021-24179

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-05-05 18:39:42
Last updated 2024-08-03 19:21:18
Assigner WPScan
State PUBLISHED

Description

The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11 suffered from a Cross-Site Request Forgery issue, allowing an attacker to make a logged in administrator import files. As the plugin also did not validate uploaded files, it could lead to RCE.