CVE Vulnerabilities

CVE-2021-34639

Reliance on File Name or Extension of Externally-Supplied File

Published: Aug 05, 2021 | Modified: Mar 21, 2025
CVSS 3.x
8.8
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
6.5 MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Authenticated File Upload in WordPress Download Manager <= 3.1.24 allows authenticated (Author+) users to upload files with a double extension, e.g. payload.php.png which is executable in some configurations. This issue affects: WordPress Download Manager version 3.1.24 and prior versions.

Weakness 

The product allows a file to be uploaded, but it relies on the file name or extension of the file to determine the appropriate behaviors. This could be used by attackers to cause the file to be misclassified and processed in a dangerous fashion.

Affected Software 

Name Vendor Start Version End Version
Download_manager W3eden * 3.1.24 (including)

Potential Mitigations 

References