WordPress Plugin Vulnerabilities
Multiple Plugins by Trustindex.io <= (Various Versions)- Authenticated (Editor+) Arbitrary File Upload
Description
Multiple plugins for WordPress by Trustindex.io are vulnerable to arbitrary file uploads due to missing file type validation in the ~/tabs/feature_request.php file in various versions. This makes it possible for authenticated attackers, with editor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. This vulnerability may only be fully exploitable for RCE in unique scenarios where the server is overloaded and the unlink() is not triggered immediately following move_uploaded_file().
Affects Plugins
Fixed in 11.1
Fixed in 4.0
Fixed in 11.1
Fixed in 11.1
Fixed in 11.1
Fixed in 11.1
Fixed in 11.1
Fixed in 11.1
Fixed in 11.1
Fixed in 11.1
Fixed in 11.1
Fixed in 11.1
Fixed in 11.1
Fixed in 11.1
Fixed in 11.1
Fixed in 11.1
Fixed in 11.1
Fixed in 11.1
Fixed in 11.1
Fixed in 11.1
Fixed in 11.1 References
Miscellaneous
Original Researcher
Rafie Muhammad
Verified
No
WPVDB ID
Timeline
Publicly Published
2023-11-22 (about 2 years ago)
Added
2023-11-29 (about 2 years ago)
Last Updated
2024-01-26 (about 2 years ago)
WPScan 