Home / Vulnerability Intelligence / CVE-2021-47943

CVE-2021-47943 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: May 10, 2026

TextPattern CMS - Remote Code Execution

Published: May 10, 2026Updated: May 10, 2026Remote Exploitable

Overview

TextPattern CMS 4.8.7 contains a remote code execution caused by improper validation in file upload functionality, letting authenticated attackers execute arbitrary commands via uploaded PHP files.

Severity & Score

Severity: High

CVSS Score: 8.8

Impact

Authenticated attackers can execute arbitrary commands on the server, potentially leading to full system compromise.

Mitigation

Update to the latest version of TextPattern CMS that patches this vulnerability.

References

https://www.exploit-db.com/exploits/50415
https://www.vulncheck.com/advisories/textpattern-cms-remote-code-execution-via-file-upload
https://www.exploit-db.com/exploits/49996

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2021-47943
Severity: High
CVSS Score: 8.8
Type: remote_code_execution
Status: new

CWE

CWE-434

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H