CVE-2020-36847
CRITICAL: Simple-File-List Plugin <4.2.2 - RCE
Title source: llmDescription
The Simple-File-List Plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.2.2 via the rename function, which can be used to rename an uploaded file containing PHP code from a png extension to a php extension. This allows unauthenticated attackers to execute code on the server.
Exploits (3)
exploitdb
WORKING POC
by Md Amanat Ullah (xSwads) · python · webapps · multiple
https://www.exploit-db.com/exploits/52371
nomisec
WORKING POC
1 star
by ftz7 · poc
https://github.com/ftz7/PoC-CVE-2020-36847-WordPress-Plugin-4.2.2-RCE
metasploit
WORKING POC
GOOD
by coiffeur, h00die · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/wp_simple_file_list_rce.rb
References (5)
Scores
CVSS v3
9.8
EPSS
0.8722
EPSS Percentile
99.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-434
Status
published
Products (2)
eemitch/Simple File List
< 4.2.3
simplefilelist/simple_file_list
< 4.2.3
Published
Jul 12, 2025
Tracked Since
Feb 18, 2026