CVE-2019-14205 Scanner
CVE-2019-14205 scanner - Local File Inclusion vulnerability in the Nevma Adaptive Images plugin for WordPress
Short Info
Level: High
Single Scan
Can be used by: Asset Owner
Estimated Time: 15 seconds
Time Interval: 29 days
Scan only one: URL
Toolbox: -
Nevma Adaptive Images is a plugin used in WordPress to adjust images according to the size of the device screen being used to view them. The purpose of this plugin is to enable websites to load images faster by reducing the size of images displayed on small screens and showing the original larger images on larger screens. The Nevma Adaptive Images plugin provides users with various features to customize how images are displayed on their website.
The Nevma Adaptive Images plugin was affected by a vulnerability, CVE-2019-14205, which allowed remote attackers to retrieve arbitrary files through the $_REQUEST['adaptive-images-settings']['source_file'] parameter in adaptive-images-script.php. This means that attackers could access confidential files and sensitive information and use them for malicious purposes.
Exploiting this vulnerability can lead to various issues, including data loss, data breaches, and reputational damage. Attackers can access files containing sensitive data such as usernames and passwords, critical documents, and financial information. This data can be used to commit fraudulent activities and can result in financial and reputational losses for organizations.
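For asset owners reviewing their own logs, the request parameter described above can be searched for in web server access logs. The following is an added example, not code from this page, the scanner, or the plugin; it assumes combined-format log lines and that normal site traffic never supplies this parameter, and the sample entries, the PLUGIN_DIR path and the PLACEHOLDER values are constructed.

```python
import re
from urllib.parse import urlsplit, unquote, parse_qsl

PARAM_PREFIX = "adaptive-images-settings["  # request array named in the CVE text

# Client address and request line of a combined-format access log entry.
LOG_RE = re.compile(r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def fully_unquote(value, rounds=3):
    """Undo nested percent-encoding (%255B -> %5B -> [), with a bounded loop."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def overridden_settings(target):
    """Return the plugin settings keys that a request target tries to supply."""
    keys = []
    for key, _ in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        key = fully_unquote(key)
        if key.startswith(PARAM_PREFIX) and key.endswith("]"):
            keys.append(key[len(PARAM_PREFIX):-1])
    return keys

def scan(lines):
    """Return (client, path, keys) for entries that supply 'source_file'."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        keys = overridden_settings(m.group("target"))
        if "source_file" in keys:
            findings.append((m.group("ip"), urlsplit(m.group("target")).path, keys))
    return findings

# Constructed sample entries (documentation addresses, placeholder path and values).
SAMPLE = [
    '203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET /wp-content/uploads/photo.jpg HTTP/1.1" 200 5120',
    '198.51.100.9 - - [01/Jan/2024:10:00:05 +0000] "GET /PLUGIN_DIR/adaptive-images-script.php?adaptive-images-settings[source_file]=PLACEHOLDER HTTP/1.1" 200 812',
    '198.51.100.9 - - [01/Jan/2024:10:00:09 +0000] "GET /PLUGIN_DIR/adaptive-images-script.php?adaptive-images-settings%255Bsource_file%255D=PLACEHOLDER HTTP/1.1" 200 812',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

Access logs record only the query string, while PHP's $_REQUEST also carries POST fields, so a clean result here does not rule out requests that sent the parameter in a request body.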
The s4e.io platform offers pro features that can help individuals and organizations easily and quickly learn about vulnerabilities in their digital assets. By utilizing this platform, websites can detect and address vulnerabilities, implement anti-malware tools, and receive alerts about potential threats. It provides a secure and reliable solution to safeguarding digital assets from vulnerabilities such as CVE-2019-14205.
REFERENCES
- https://github.com/markgruffer/markgruffer.github.io/blob/master/_posts/2019-07-19-adaptive-images-for-wordpress-0-6-66-lfi-rce-file-deletion.markdown
- https://markgruffer.github.io/2019/07/19/adaptive-images-for-wordpress-0-6-66-lfi-rce-file-deletion.html
- https://wordpress.org/plugins/adaptive-images/#developers
- https://wpvulndb.com/vulnerabilities/9468