WordPress Plugin Vulnerabilities

WooCommerce Ninja Forms Product Add-ons < 1.7.1 - Unauthenticated Arbitrary File Upload

Description

The plugin does not validate the file to be uploaded, allowing any unauthenticated users to upload arbitrary files to the server, leading to RCE.

Proof of Concept

Affects Plugins

Plugin icon
woocommerce-ninjaforms-product-addons
Fixed in 1.7.1

References

CVE
CVE-2023-5601

Miscellaneous

Original Researcher
Alexander Concha
Verified
Yes
WPVDB ID
0035ec5e-d405-4eb7-8fe4-29dd0c71e4bc

Timeline

Publicly Published
2023-10-16 (about 2 years ago)
Added
2023-10-16 (about 2 years ago)
Last Updated
2023-10-16 (about 2 years ago)

Other

Published
Title
Published
2012-01-06
Title
FCChat 2.2.11-2.2.13 - Upload.php Arbitrary File Upload
Published
2013-11-29
Title
OptimizePress Theme < 1.6 - Unauthenticated Arbitrary File Upload
Published
2024-11-11
Title
Datasets Manager by Arttia Creative <= 1.5 - Unauthenticated Arbitrary File Upload
Published
2024-10-01
Title
WP Hotel Booking < 2.1.3 - Authenticated (Subscriber+) Arbitrary File Upload
Published
2014-08-01
Title
grapefile <= 1.1 - Arbitrary File Upload