What is CVE-2021-24347?

CVE-2021-24347 is a vulnerability in Sp Project & Document Manager, classified under Improper Handling of Case Sensitivity. Published 2021-06-14.

Is CVE-2021-24347 known to be exploited?

7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Sp Project & Document Manager

CVE-2021-24347

The SP Project & Document Manager WordPress plugin before 4.22 allows users to upload files, however, the plugin attempts to prevent php and other similar files that could be executed on the server from being uploaded by checking the file…

EPSS: 0.806 (99.2th percentile) — read the EPSS interpretation.

Affected products

Unknown Sp Project & Document Manager — versions 4.22

Weakness classification (CWE)

CWE-178 — Improper Handling of Case Sensitivity

Public proof-of-concept exploits

References

wpscan.com/vulnerability/8f6e82d5-c0e9-468e-acb8-7cd549f6a45a (x_refsource_CONFIRM)
packetstormsecurity.com/files/163434/WordPress-SP-Project-And-Document-Manager-… (x_refsource_MISC)
packetstormsecurity.com/files/163675/WordPress-SP-Project-And-Document-Remote-C… (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-24347?: CVE-2021-24347 is a vulnerability in Sp Project & Document Manager, classified under Improper Handling of Case Sensitivity. Published 2021-06-14.
Is CVE-2021-24347 known to be exploited?: 7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.