Description
The Sermon Browser WordPress plugin through 0.45.22 does not have CSRF checks in place when uploading Sermon files, and does not validate them in any way, allowing attackers to make a logged in admin upload arbitrary files such as PHP ones.
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://wpscan.com/vulnerability/e9ccf1fc-1dbf-4a41-bf4a-90af20b286d6
Scores
CVSS v3
8.8
EPSS
0.0012
EPSS Percentile
30.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-434
CWE-352
Status
published
Products (1)
sermon_browser_project/sermon_browser
< 0.45.22
Published
Mar 28, 2022
Tracked Since
Feb 18, 2026