WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

e-signature < 1.5.6.8 - Unauthenticated Arbitrary File Upload leading to RCE

Description

The AJAX sif_upload_file allowed the authorised extensions to be provided in the request, which result in unauthenticated arbitrary file upload and lead to RCE

Proof of Concept

/wp-admin/admin-ajax.php?action=sif_upload_file

Affects Plugins

e-signature
Fixed in version 1.5.6.8

References

URL
https://pagely.com/blog/unauthenticated-remote-code-execution-in-e-signature-plugin/

Classification

Type

UPLOAD

CWE
CWE-434

Miscellaneous

Original Researcher

John Castro

Submitter

Pagely

Submitter website
https://www.pagely.com
Submitter twitter
pagely
Verified

Yes

WPVDB ID
0e6b7a1f-dadd-45da-9961-6fe89ffb4c70

Timeline

Publicly Published

2021-01-19 (about 1 years ago)

Added

2021-01-19 (about 1 years ago)

Last Updated

2021-01-20 (about 1 years ago)

Our Other Services

WPScan WordPress Security Plugin