top of page
perceptive_background_267k.jpg

WebsiteBaker 2.13.0 contains an authenticated remote code execution vulnerability that allows users with language editing permissions to execute arbitrary code.…

Published:

15 januari 2026 om 23:00:00

Alert date:

16 januari 2026 om 01:13:28

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies

WebsiteBaker 2.13.0 contains an authenticated remote code execution vulnerability affecting users with language editing permissions. The vulnerability is exploitable through the language installation endpoint by manipulating installation parameters. Attackers can achieve arbitrary code execution on the server. The vulnerability requires authentication but provides high impact access to the underlying system. Multiple references and proof-of-concept exploits are available publicly.

Technical details

Mitigation steps:

Affected products:

WebsiteBaker

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2021-47788
https://websitebaker.org/
https://www.exploit-db.com/exploits/50310
https://www.vulncheck.com/advisories/websitebaker-remote-code-execution-rce-authenticated

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page