CVE-2021-39352

HIGH

WordPress Plugin Catch Themes Demo Import RCE

Title source: metasploit

Description

The Catch Themes Demo Import WordPress plugin is vulnerable to arbitrary file upload via its demo import functionality, implemented in ~/inc/CatchThemesDemoImport.php (path relative to the plugin directory), in versions up to and including 1.7, because the uploaded import files are not sufficiently validated by type. An authenticated administrator can therefore upload a file containing PHP code and request it through the web server, achieving remote code execution. Because the upload is reachable only with administrative privileges (the PR:H component of the CVSS vector below), the flaw is mainly useful for turning compromised or phished administrator credentials into code execution on the underlying host.
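A practical first check is whether an installed copy of the plugin falls inside the affected range stated above (up to and including 1.7). The following script is an added example, not code from the plugin, Metasploit or Exploit-DB: it reads the version from either a plugin readme.txt ("Stable tag:" line, the standard WordPress plugin readme header) or the plugin's main PHP file ("Version:" header) and compares it with the advisory's upper bound. The readme and header texts embedded below are constructed samples, and `LAST_AFFECTED` is taken from the description on this page.

```python
import re
from typing import Optional, Tuple

# Highest affected version, taken from the advisory text above
# ("versions up to and including 1.7").
LAST_AFFECTED = "1.7"

# Constructed sample of a WordPress plugin readme.txt header. On a real
# install this file is wp-content/plugins/<plugin-slug>/readme.txt.
SAMPLE_README = """\
=== Catch Themes Demo Import ===
Contributors: catchthemes
Requires at least: 5.5
Tested up to: 5.8
Stable tag: 1.7
License: GPLv3
"""

# Constructed sample of a plugin main-file header; the 'Version:' value is
# what WordPress shows on the Plugins screen.
SAMPLE_PLUGIN_HEADER = """\
<?php
/**
 * Plugin Name: Catch Themes Demo Import
 * Version: 1.8
 */
"""


def parse_version(text: str) -> Tuple[int, ...]:
    """'1.7' -> (1, 7); '1.7.0' -> (1, 7). Trailing zeros are dropped so
    1.7 and 1.7.0 compare equal; a non-numeric suffix such as '-beta' is
    ignored; a value with no leading digits (e.g. 'trunk') raises."""
    m = re.match(r"\d+(?:\.\d+)*", text.strip())
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    parts = [int(p) for p in m.group(0).split(".")]
    while len(parts) > 1 and parts[-1] == 0:
        parts.pop()
    return tuple(parts)


def version_from_readme(readme: str) -> Optional[str]:
    """Pull the 'Stable tag:' value out of a plugin readme.txt."""
    m = re.search(r"^Stable tag:\s*(\S+)", readme, re.MULTILINE | re.IGNORECASE)
    return m.group(1) if m else None


def version_from_plugin_header(php_source: str) -> Optional[str]:
    """Pull the 'Version:' value out of a plugin's main PHP file header."""
    m = re.search(r"^\s*\*?\s*Version:\s*(\S+)", php_source,
                  re.MULTILINE | re.IGNORECASE)
    return m.group(1) if m else None


def is_affected(version: str) -> bool:
    """True when the version lies inside the advisory's range (<= 1.7)."""
    return parse_version(version) <= parse_version(LAST_AFFECTED)


def assess(version_source: str) -> Tuple[Optional[str], Optional[bool]]:
    """Return (version, affected) for readme or plugin-header text.
    (None, None) when no version line is found; (version, None) when the
    version string cannot be compared (e.g. 'Stable tag: trunk')."""
    version = version_from_readme(version_source) or version_from_plugin_header(version_source)
    if version is None:
        return None, None
    try:
        return version, is_affected(version)
    except ValueError:
        return version, None


if __name__ == "__main__":
    for label, text in (("readme", SAMPLE_README), ("plugin header", SAMPLE_PLUGIN_HEADER)):
        version, affected = assess(text)
        state = "AFFECTED" if affected else "not in affected range"
        print(f"{label}: version {version} -> {state}")
```

The comparison follows the page's stated range literally, so a hypothetical 1.7.x point release would be reported as outside it; confirm against the vendor changelog before treating any version above 1.7 as fixed, and remember that a version check says nothing about whether a PHP file has already been dropped through the importer on a previously vulnerable install.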

Exploits (2)

exploitdb WORKING POC
by Ron Jost · python, webapps, php
https://www.exploit-db.com/exploits/50580
metasploit WORKING POC NORMAL
by h00die, Ron Jost, Thinkland Security Team · ruby, poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/wp_catch_themes_demo_import.rb

Scores

CVSS v3 7.2
EPSS 0.7559
EPSS Percentile 98.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-434
Status published
Products (1)
catchplugins/catch_themes_demo_import <= 1.7
Published Oct 21, 2021
Tracked Since Feb 18, 2026