cleantalk
Vulnerabilities and Security Researches

Anti-Malware Security and Brute-Force Firewall, CVE-2021-47977

CVE, Research URL

CVE-2021-47977

Home page URL

Security reports for Anti-Malware Security and Brute-Force Firewall

Application

Anti-Malware Security and Brute-Force Firewall

Published on
May 16, 2026
Research Description
WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the file parameter. Attackers can send requests to the duplicator_download action via admin-ajax.php with path traversal sequences to access sensitive system files outside the intended directory.
Affected versions
max 4.20.59.
Status
vulnerable
Previous vulnerability researches
Pricing Table by Supsystic (CVE-2020-37243) , May 19, 2026
Pricing Table by Supsystic (CVE-2021-46782) , Jun 06, 2024
Pricing Table by Supsystic (CVE-2020-9392) , Jun 06, 2024
Pricing Table by Supsystic (CVE-2020-9395) , Jun 06, 2024
Pricing Table by Supsystic (CVE-2024-32790) , Jun 06, 2024
New vulnerability
WordPress Plugin for Google Maps – WP MAPS (CVE-2026-6381) , May 19, 2026
BuddyPress (CVE-2020-37233) , May 19, 2026
Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More (CVE-2026-42674) , May 19, 2026
Anti-Malware Security and Brute-Force Firewall (CVE-2021-47977) , May 19, 2026
Pricing Table by Supsystic (CVE-2020-37243) , May 19, 2026