virus logo Intrusion Prevention

WordPress.AIT.CSV.Import.Export.Remote.Code.Execution

description-logoDescription

This indicates an attack attempt to exploit a Remote Code Execution Vulnerability in WordPress AIT CSV Import Export Plugin.
The vulnerability is due to the lack of proper checks on file upload. Successful exploitation could lead to remote code execution in the context of the vulnerable application.

affected-products-logoAffected Products

WordPress AIT CSV Import Export Plugin version 3.0.3 and prior

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.ait-themes.club/wordpress-plugins/csv-import-export/#changelog-popup

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-04-06 18.052 Default_action:pass:drop
2021-03-22 18.042
ID 49754
Created Jan 18, 2021
Updated Apr 05, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Default Action drop
Active
Affected OS All
Affected App PHP_app