Conversation
AttackerKB
attackerkb
New assessment for topic: CVE-2021-25094
Topic description: "The Tatsu WordPress plugin before 3.3.12 add_custom_font action can be used without prior authentication to upload a rogue zip file which is uncompressed under the WordPress's upload directory ..."
"Based on [technical analysis](https://darkpills.com/wordpress-tatsu-builder-preauth-rce-cve-2021-25094/), the `Attacker Value` of the vulnerability is **high** because it's a popular WordPress plugin that has been exploited in the wild ..."
Link: https://attackerkb.com/assessments/d28b05a0-23ee-4941-8c91-824c01b64b44
Topic description: "The Tatsu WordPress plugin before 3.3.12 add_custom_font action can be used without prior authentication to upload a rogue zip file which is uncompressed under the WordPress's upload directory ..."
"Based on [technical analysis](https://darkpills.com/wordpress-tatsu-builder-preauth-rce-cve-2021-25094/), the `Attacker Value` of the vulnerability is **high** because it's a popular WordPress plugin that has been exploited in the wild ..."
Link: https://attackerkb.com/assessments/d28b05a0-23ee-4941-8c91-824c01b64b44
0
0
0