CVE-2021-42362


WordPress Popular Posts <= 5.3.2 Authenticated Arbitrary File Upload

The WordPress Popular Posts plugin for WordPress is vulnerable to arbitrary file uploads, in versions up to and including 5.3.2, due to insufficient input file type validation in the ~/src/Image.php file. This makes it possible for attackers with contributor-level access and above to upload malicious files that can be used to obtain remote code execution.



We have discovered 3,512 live websites that are affected by CVE-2021-42362.





Affected Software

Product                    WordPress Popular Posts
Category                   WordPress Plugins
Vulnerable Versions
  • from 0 through 5.3.2
Total Vulnerable Versions  81
Vulnerable Domains         3,512 live websites (15.94% of WordPress Popular Posts install base)


Common Weakness Enumeration


CWE-434 Unrestricted Upload of File with Dangerous Type



Details

  • Published - Nov 12, 2021
  • Updated - Nov 21, 2023

Credits

  • Original Researcher: Jerome Bruandet, NinTechNet
  • Exploit Author: Simone Cristofaro (finder)





Countries

United States 729 websites
Japan 1,621 websites
Germany 124 websites
France 99 websites
GB 86 websites
Russia 80 websites
Poland 68 websites
Spain 60 websites
Italy 55 websites

TLDs

.com 1,812 websites
.jp 312 websites
.net 207 websites
.co.jp 133 websites
.org 117 websites
.de 66 websites
.ru 65 websites
.pl 51 websites
.info 49 websites
.fr 37 websites

