CVE-2021-4457
BaseFortify
Publication date: 2025-06-25
Last updated on: 2025-07-07
Assigner: WPScan
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| digitalzoomstudio | zoomsounds | up to 6.05 (exclusive) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2021-4457 is a vulnerability in the ZoomSounds WordPress plugin versions prior to 6.05. It involves a PHP file within the plugin that allows unauthenticated users to upload arbitrary files anywhere on the web server. This means an attacker can upload malicious PHP scripts without logging in, potentially enabling them to execute arbitrary code on the server. [1]
How can this vulnerability impact me?
This vulnerability can allow attackers to upload and execute malicious PHP code on your web server, which can lead to full server compromise. This could result in unauthorized access, data theft, defacement, or further attacks on your infrastructure. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
There are two places to look. On disk, check the ZoomSounds plugin directory and the wp-includes directory for PHP files that are not part of the plugin or of WordPress core, such as /wp-content/plugins/dzs-zoomsounds/xxtest.php, wp-fixer.php, opa.php, defacer.php, wp-cn.php or atx.php. In web server logs, look for POST requests to /wp-content/plugins/dzs-zoomsounds/savepng.php?location=*.php whose body carries PHP code; these indicate exploitation attempts. Example commands: `find /path/to/wordpress/wp-content/plugins/dzs-zoomsounds/ -name '*.php' -exec grep -l '<?php' {} +` lists every PHP file under the plugin directory (this also matches the plugin's own legitimate files, so compare the output against a clean copy of the same plugin version), and `grep 'POST /wp-content/plugins/dzs-zoomsounds/savepng.php' /var/log/apache2/access.log` pulls POST requests to the vulnerable endpoint out of an Apache access log. [1]
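The log check above can be made more precise than a plain grep, since a GET to savepng.php or a POST that writes a .png is normal plugin traffic while a POST whose `location` parameter names a PHP file is the exploitation pattern. The script below is an added example, not BaseFortify's or the plugin's code; it assumes the combined log format and runs over constructed sample lines.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Endpoint named in the advisory; its `location` parameter is the write target.
VULN_PATH = "/wp-content/plugins/dzs-zoomsounds/savepng.php"
# Combined log format (Apache/nginx default); an assumed layout for this example.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
# PHP-executable extensions, also caught inside double extensions like x.php.png.
PHP_EXT_RE = re.compile(r"\.ph(?:p\d?|tml|ar)(?:\W|$)", re.I)

def classify(line):
    """Return a finding for a POST to savepng.php, or None for anything else."""
    m = LOG_RE.match(line)
    if not m or m.group("method") != "POST":
        return None
    parts = urlsplit(m.group("target"))
    if parts.path.lower() != VULN_PATH:
        return None
    # parse_qs percent-decodes, so an encoded %2Ephp is still seen as .php.
    locations = parse_qs(parts.query).get("location", [])
    php_target = any(PHP_EXT_RE.search(loc) for loc in locations)
    return {
        "ip": m.group("ip"),
        "time": m.group("ts"),
        "status": m.group("status"),
        "location": locations[0] if locations else None,
        # high: write target is PHP (the pattern the advisory describes);
        # low: any other POST to this endpoint, still worth review while unpatched
        "severity": "high" if php_target else "low",
    }

def scan_log(lines):
    """Run classify() over log lines and keep only the findings."""
    return [f for f in map(classify, lines) if f]

# Constructed sample lines (RFC 5737 documentation addresses), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [25/Jun/2025:10:01:05 +0000] "POST /wp-content/plugins/dzs-zoomsounds/savepng.php?location=../../../wp-includes/wp-cn.php HTTP/1.1" 200 12',
    '198.51.100.9 - - [25/Jun/2025:10:02:00 +0000] "POST /wp-content/plugins/dzs-zoomsounds/savepng.php?location=waveform.png HTTP/1.1" 200 12',
    '198.51.100.9 - - [25/Jun/2025:10:03:00 +0000] "POST /wp-content/plugins/dzs-zoomsounds/savepng.php?location=%2E%2E%2Fopa%2Ephp HTTP/1.1" 200 12',
    '192.0.2.4 - - [25/Jun/2025:10:04:00 +0000] "POST /wp-login.php HTTP/1.1" 302 0',
]

if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['severity']:>4}  {f['ip']:<13} {f['time']}  location={f['location']}")
```

Feed it a real access log with `scan_log(open(path))` and review the high findings first; a 200 status on such a request is the strongest signal that the write succeeded.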
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating the ZoomSounds plugin to version 6.05 or later, where the vulnerable PHP file has been removed. If updating is not immediately possible, manually remove or restrict access to the vulnerable PHP file in the plugin directory. Additionally, monitor and block suspicious POST requests to /wp-content/plugins/dzs-zoomsounds/savepng.php to prevent arbitrary file uploads. Web application firewall (WAF) rules that block such requests, and a scan of the server for any already uploaded malicious PHP files so they can be removed, are also recommended. [1]