CVE-2021-24284 (GCVE-0-2021-24284)
Vulnerability from cvelistv5 – Published: 2021-05-14 11:38 – Updated: 2024-08-03 19:28Title
Kaswara Modern VC Addons <= 3.0.1 - Unauthenticated Arbitrary File Upload
Summary
The Kaswara Modern VC Addons WordPress plugin through 3.0.1 allows unauthenticated arbitrary file upload via the 'uploadFontIcon' AJAX action. The supplied zipfile being unzipped in the wp-content/uploads/kaswara/fonts_icon directory with no checks for malicious files such as PHP.
Severity
9.8 (Critical)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/8d66e338-a88f-46… | x_refsource_CONFIRM |
| https://codecanyon.net/item/kaswara-modern-visual… | x_refsource_MISC |
| http://packetstormsecurity.com/files/167743/WordP… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SayenThemes | Kaswara Modern VC Addons |
Affected:
3.0.1 , ≤ 3.0.1
(custom)
|
Credits
Shadowserver
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 2ec8f2e8-3d91-486e-b8b6-e6dec1cda48f
Exploited: Yes
Characteristics
Severity:
98.0
Timestamps
First Seen: 2023-10-14
Asserted: 2023-10-14
Last Seen: 2025-02-13
Scope
Asset Exposure: ['internet-facing']
Notes: Affected: Wordpress / Wordpress Kaswara Modern VC Addons plugin | Class: cms | Severity: Critical (CVSS 9.8) | IoT: no | In CISA KEV: no | Honeypot connections on 2025-02-13: 2
Evidence
Type: Honeypot
Signal: In The Wild Attempts
Confidence: 70%
Source: shadowserver
Details
| 1D | 2 |
|---|---|
| Iot | no |
| Feed | Shadowserver Foundation honeypot/exploited-vulnerabilities |
| Type | http-scan |
| Class | cms |
| 7D Avg | 0 |
| Vendor | Wordpress |
| 30D Avg | 0 |
| 90D Avg | 1 |
| Product | Wordpress Kaswara Modern VC Addons plugin |
| Cisa Kev | no |
| Connections | 2 |
| Observation Date | 2025-02-13 |
| Vulnerability Class | CVSS |
| Vulnerability Score | 9.8 |
| Vulnerability Severity | Critical |
References
Created: 2026-07-01 05:54 UTC
| Updated: 2026-07-01 13:14 UTC
KEVIntel
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 23dd7c83-e3bd-40f1-b2f7-17b0ef9bf81d
Exploited: Yes
Timestamps
First Seen: 2022-07-13
Asserted: 2022-07-13
Scope
Notes: KEVIntel entry: Kaswara Modern VC Addons <= 3.0.1 - Unauthenticated Arbitrary File Upload | Affected: SayenThemes / Kaswara Modern VC Addons | CVSS: 9.8 (CRITICAL) | EPSS: 0.91328 | Used in malware: unknown | Not yet in CISA KEV: True
Evidence
Type: Public Report
Signal: Successful Exploitation
Confidence: 70%
Source: kevintel
Details
| Feed | KEVIntel (kevintel.com) |
|---|---|
| Title | Kaswara Modern VC Addons <= 3.0.1 - Unauthenticated Arbitrary File Upload |
| Vendor | SayenThemes |
| Product | Kaswara Modern VC Addons |
| Added Date | 2022-07-13T10:52:06.000Z |
| Cvss Score | 9.8 |
| Epss Score | 0.91328 |
| Cvss Severity | CRITICAL |
| Epss Percentile | 0.99622 |
| Used In Malware | unknown |
| Ahead Of Cisa Kev | None |
| Not Yet In Cisa Kev | True |
References
Created: 2026-06-23 11:12 UTC
| Updated: 2026-06-23 11:12 UTC
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:28:22.818Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/8d66e338-a88f-4610-8d12-43e8be2da8c5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://codecanyon.net/item/kaswara-modern-visual-composer-addons/19341477"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167743/WordPress-Kaswara-Modern-WPBakery-Page-Builder-3.0.1-File-Upload.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Kaswara Modern VC Addons",
"vendor": "SayenThemes",
"versions": [
{
"lessThanOrEqual": "3.0.1",
"status": "affected",
"version": "3.0.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Robin Goodfellow"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Kaswara Modern VC Addons WordPress plugin through 3.0.1 allows unauthenticated arbitrary file upload via the \u0027uploadFontIcon\u0027 AJAX action. The supplied zipfile being unzipped in the wp-content/uploads/kaswara/fonts_icon directory with no checks for malicious files such as PHP."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-14T15:06:23.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wpscan.com/vulnerability/8d66e338-a88f-4610-8d12-43e8be2da8c5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://codecanyon.net/item/kaswara-modern-visual-composer-addons/19341477"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167743/WordPress-Kaswara-Modern-WPBakery-Page-Builder-3.0.1-File-Upload.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Kaswara Modern VC Addons \u003c= 3.0.1 - Unauthenticated Arbitrary File Upload",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24284",
"STATE": "PUBLIC",
"TITLE": "Kaswara Modern VC Addons \u003c= 3.0.1 - Unauthenticated Arbitrary File Upload"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kaswara Modern VC Addons",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "3.0.1",
"version_value": "3.0.1"
}
]
}
}
]
},
"vendor_name": "SayenThemes"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Robin Goodfellow"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Kaswara Modern VC Addons WordPress plugin through 3.0.1 allows unauthenticated arbitrary file upload via the \u0027uploadFontIcon\u0027 AJAX action. The supplied zipfile being unzipped in the wp-content/uploads/kaswara/fonts_icon directory with no checks for malicious files such as PHP."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/8d66e338-a88f-4610-8d12-43e8be2da8c5",
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/8d66e338-a88f-4610-8d12-43e8be2da8c5"
},
{
"name": "https://codecanyon.net/item/kaswara-modern-visual-composer-addons/19341477",
"refsource": "MISC",
"url": "https://codecanyon.net/item/kaswara-modern-visual-composer-addons/19341477"
},
{
"name": "http://packetstormsecurity.com/files/167743/WordPress-Kaswara-Modern-WPBakery-Page-Builder-3.0.1-File-Upload.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167743/WordPress-Kaswara-Modern-WPBakery-Page-Builder-3.0.1-File-Upload.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24284",
"datePublished": "2021-05-14T11:38:17.000Z",
"dateReserved": "2021-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T19:28:22.818Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2021-24284",
"date": "2026-07-01",
"epss": "0.4214",
"percentile": "0.98522"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-24284\",\"sourceIdentifier\":\"contact@wpscan.com\",\"published\":\"2021-05-14T12:15:08.387\",\"lastModified\":\"2024-11-21T05:52:45.527\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Kaswara Modern VC Addons WordPress plugin through 3.0.1 allows unauthenticated arbitrary file upload via the \u0027uploadFontIcon\u0027 AJAX action. The supplied zipfile being unzipped in the wp-content/uploads/kaswara/fonts_icon directory with no checks for malicious files such as PHP.\"},{\"lang\":\"es\",\"value\":\"El plugin de WordPress Kaswara Modern VC Addons versiones hasta 3.0.1, permite la carga de archivos arbitrarios no autenticados mediante la acci\u00f3n AJAX \\\"uploadFontIcon\\\".\u0026#xa0;El archivo zip proporcionado est\u00e1 siendo descomprimido en el directorio wp-content/uploads/kaswara/fonts_icon sin comprobaci\u00f3n de archivos maliciosos como PHP\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"contact@wpscan.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-434\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kaswara_project:kaswara:*:*:*:*:*:wordpress:*:*\",\"versionEndIncluding\":\"3.0.1\",\"matchCriteriaId\":\"8B9EF5A0-624E-4C09-8DB5-8DD87CFF3FFA\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/167743/WordPress-Kaswara-Modern-WPBakery-Page-Builder-3.0.1-File-Upload.html\",\"source\":\"contact@wpscan.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://codecanyon.net/item/kaswara-modern-visual-composer-addons/19341477\",\"source\":\"contact@wpscan.com\",\"tags\":[\"Product\",\"Third Party Advisory\"]},{\"url\":\"https://wpscan.com/vulnerability/8d66e338-a88f-4610-8d12-43e8be2da8c5\",\"source\":\"contact@wpscan.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/167743/WordPress-Kaswara-Modern-WPBakery-Page-Builder-3.0.1-File-Upload.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://codecanyon.net/item/kaswara-modern-visual-composer-addons/19341477\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\",\"Third Party Advisory\"]},{\"url\":\"https://wpscan.com/vulnerability/8d66e338-a88f-4610-8d12-43e8be2da8c5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…