CVE-2021-4449

CRITICAL EXPLOITED NUCLEI

ZoomSounds < 5.96 - Unauthenticated Arbitrary File Upload via savepng.php

Title source: llm

Exploitation Summary

CVE-2021-4449 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.

Description

The ZoomSounds plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'savepng.php' file in versions up to, and including, 5.96. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. CVE-2021-4457 is a duplicate of this.

Nuclei Templates (1)

ZoomSounds Plugin - Unauthenticated Arbitrary File Upload

CRITICALVERIFIEDby 0xnemian

FOFA: body="/wp-content/plugins/dzs-zoomsounds/"

References (6)

Core 6

Core References

Product

https://codecanyon.net/item/zoomsounds-wordpress-wave-audio-player-with-playlist/6181433

Third Party Advisory

https://github.com/0xAgun/Arbitrary-File-Upload-ZoomSounds

View Writeup ZIP pw:eip

Third Party Advisory

https://ithemes.com/blog/wordpress-vulnerability-report-june-2021-part-5/#ib-toc-anchor-2

Exploit

https://sploitus.com/exploit?id=WPEX-ID:07259A61-8BA9-4DD0-8D52-CC1DF389C0AD

Exploit, Third Party Advisory

https://wpscan.com/vulnerability/07259a61-8ba9-4dd0-8d52-cc1df389c0ad

Third Party Advisory

https://www.wordfence.com/threat-intel/vulnerabilities/id/262e3bb3-bc83-4d0b-8056-9f94ec141b8f?source=cve

Scores

CVSS v3 9.8

EPSS 0.0529

EPSS Percentile 91.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

VulnCheck KEV 2025-11-07

CWE

CWE-434

Status published

Products (2)

digitalzoomstudio/zoomsounds < 5.96

ZoomIt/ZoomSounds - WordPress Wave Audio Player with Playlist < 5.96

Published Oct 16, 2024

Tracked Since Feb 18, 2026