WordPress Authenticated XXE attack when installation is running PHP 8

CVE-2021-29447

7.1HIGH

Key Information

Vendor: WordPress
Status: WordPress-develop
Vendor: CVE Published:; 15 April 2021

Badges

👾 Exploit Exists🔴 Public PoC

Summary

Wordpress is an open source CMS. A user with the ability to upload files (like an Author) can exploit an XML parsing issue in the Media Library leading to XXE attacks. This requires WordPress installation to be using PHP 8. Access to internal files is possible in a successful XXE attack. This has been patched in WordPress version 5.7.1, along with the older affected versions via a minor release. We strongly recommend you keep auto-updates enabled.

Affected Version(s)

wordpress-develop = >= 5.6.0, < 5.7.1

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2021-29447
Created by motikan2010

exploit_cve-2021-29447
Created by mega8bit

CVE-2021-29447-PoC
Created by 0xRar

EPSS Score

2% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Risk change from: 6.5 to: 7.1 - (HIGH)
Feb 22, 2024
👾
Exploit exists.
Apr 16, 2021
Vulnerability published.
Apr 15, 2021
Vulnerability Reserved.
Mar 30, 2021

Collectors

NVD DatabaseMitre Database14 Proof of Concept(s)