CVE-2021-29447: WordPress Authenticated XXE attack when installation is running PHP 8

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-29447

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

WordPress Authenticated XXE attack when installation is running PHP 8

Source: NVD (National Vulnerability Database)

Vulnerability Description

Wordpress is an open source CMS. A user with the ability to upload files (like an Author) can exploit an XML parsing issue in the Media Library leading to XXE attacks. This requires WordPress installation to be using PHP 8. Access to internal files is possible in a successful XXE attack. This has been patched in WordPress version 5.7.1, along with the older affected versions via a minor release. We strongly recommend you keep auto-updates enabled.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

XML外部实体引用的不恰当限制(XXE)

Source: NVD (National Vulnerability Database)

Vulnerability Title

WordPress 代码问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

WordPress是WordPress（Wordpress）基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。 WordPress 存在代码问题漏洞，攻击者可利用该漏洞在成功的XXE攻击中可以访问内部文件。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
WordPress	wordpress-develop	>= 5.6.0, < 5.7.1	-

II. Public POCs for CVE-2021-29447

#	POC Description	Source Link	Shenlong Link
1	WordPress - Authenticated XXE (CVE-2021-29447)	https://github.com/motikan2010/CVE-2021-29447	POC Details
2	WordPress XXE vulnerability	https://github.com/Vulnmachines/wordpress_cve-2021-29447	POC Details
3	Wordpress XXE injection 구축 자동화 및 PoC	https://github.com/dnr6419/CVE-2021-29447	POC Details
4	None	https://github.com/AssassinUKG/CVE-2021-29447	POC Details
5	None	https://github.com/b-abderrahmane/CVE-2021-29447-POC	POC Details
6	Arbitrary file read controller based on CVE-2021-29447	https://github.com/elf1337/blind-xxe-controller-CVE-2021-29447	POC Details
7	Proof of Concept for CVE-2021-29447 written in Python	https://github.com/Val-Resh/CVE-2021-29447-POC	POC Details
8	Exploit WordPress Media Library XML External Entity Injection (XXE) to exfiltrate files.	https://github.com/M3l0nPan/wordpress-cve-2021-29447	POC Details
9	None	https://github.com/mega8bit/exploit_cve-2021-29447	POC Details
10	A Golang program to automate the execution of CVE-2021-29447	https://github.com/thomas-osgood/CVE-2021-29447	POC Details
11	None	https://github.com/Abdulazizalsewedy/CVE-2021-29447	POC Details
12	None	https://github.com/G01d3nW01f/CVE-2021-29447	POC Details
13	CVE-2021-29447 - Authenticated XXE Injection - WordPress < 5.7.1 & PHP > 8	https://github.com/viardant/CVE-2021-29447	POC Details
14	A proof of concept exploit for a wordpress 5.6 media library vulnerability	https://github.com/0xRar/CVE-2021-29447-PoC	POC Details
15	None	https://github.com/andyhsu024/CVE-2021-29447	POC Details
16	None	https://github.com/specializzazione-cyber-security/demo-CVE-2021-29447-lezione	POC Details
17	PoC for CVE-2021-29447	https://github.com/magicrc/CVE-2021-29447	POC Details
18	POC to exploit WordPress 5.6-5.7 (PHP 8+) Authenticated XXE Injection.	https://github.com/Tea-On/CVE-2021-29447-Authenticated-XXE-WordPress-5.6-5.7	POC Details
19	The objective is to conduct a full-scale security assessment of a WordPress-based web application, culminating in a complete server compromise. The assessment will focus on exploiting a specific, real-world vulnerability (CVE-2021-29447) to achieve initial access.	https://github.com/ArtemCyberLab/Project-Project-Chimera-Exploiting-a-Modern-WordPress-XXE-to-Pillage-Secrets-	POC Details
20	A XXE payload generator	https://github.com/0xricksanchez/CVE-2021-29447	POC Details
21	This repo describes about cve-2021-29447 and a small script for exploiting automatically	https://github.com/davids52/cve-2021-29447_auto-script	POC Details
22	None	https://github.com/rdana55/CVE-2021-29447-PoC	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-29447

Please Login to view more intelligence information

https://wordpress.org/news/category/security/x_refsource_MISC
https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-rv47-pc52-qrhhx_refsource_CONFIRM
http://packetstormsecurity.com/files/163148/XML-External-Entity-Via-MP3-File-Upload-On-WordPress.htmlx_refsource_MISC
https://blog.sonarsource.com/wordpress-xxe-security-vulnerability/x_refsource_MISC
https://www.debian.org/security/2021/dsa-4896vendor-advisoryx_refsource_DEBIAN
https://lists.debian.org/debian-lts-announce/2021/04/msg00017.htmlmailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2021-29447

IV. Related Vulnerabilities

Same product: wordpress-develop

Same vendor: WordPress

Same weakness: CWE-611

V. Comments for CVE-2021-29447

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2021-29447

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-29447

III. Intelligence Information for CVE-2021-29447

IV. Related Vulnerabilities

V. Comments for CVE-2021-29447

Leave a comment