Lucene search
DmitriiWPVDB-ID:53816136-4B1A-4B7D-B73B-08A90C2A638FHistoryAug 30, 2023 - 12:00 a.m.
Prevent files / folders access < 2.5.2 - Admin+ Arbitrary File Upload
2023-08-3000:00:00
Dmitrii
wpscan.com
7
prevent unauthorized access
file validation
arbitrary file upload
php file upload
security vulnerability
wordpress plugin.
Description The plugin does not validate files to be uploaded, which could allow attackers to upload arbitrary files such as PHP on the server.
PoC
- Create a PHP file
cmd.phpwith the contents `` 2) Go to https://example.com/wp-admin/admin.php?page=mo_media_restrict&tab;=private_directory 3) Then upload a file with the PHP extension 4) Follow the link https://example.com/wp-content/uploads/protectedfiles/{filename}.php?cmd=ps+aux 5) You will be able to see a list of processes when the PHP is executed
| CPE | Name | Operator | Version |
|---|---|---|---|
| eq | 2.5.2 |
Related
nvd
nvd
CVE-2023-4238
2023-09-25 16:15:14
cve
cve
CVE-2023-4238
2023-09-25 16:15:14
prion
prion
Code injection
2023-09-25 16:15:00
githubexploit
githubexploit
Exploit for CVE-2023-4238
2023-09-11 23:53:11
wpexploit
wpexploit
Prevent files / folders access < 2.5.2 - Admin+ Arbitrary File Upload
2023-08-30 00:00:00
cvelist
cvelist
wordfence
wordfence
7.1 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
19.5%
Related for WPVDB-ID:53816136-4B1A-4B7D-B73B-08A90C2A638F