Asgaros Forum < 2.7.1 – Unauthenticated Arbitrary File Upload | CVE 2023-5604 | Plugin Vulnerabilities

Description

The plugin allows forum administrators, who may not be WordPress (super-)administrators, to set insecure configuration that allows unauthenticated users to upload dangerous files (e.g. .php, .phtml), potentially leading to remote code execution.

Proof of Concept

Any user who has the rights to modify the settings area of the Asgaros plugin (/wp-admin/admin.php?page=asgarosforum-options), like forum administrators, can authorize users to upload malicious files (e.g. .php, .phtml files) on the site.

Affects Plugins

Fixed in 2.7.1

References

CVE

Miscellaneous

Original Researcher

Rafael Aristodimou

Submitter

Rafael Aristodimou

Verified

Yes

WPVDB ID

4ce69d71-87bf-4d95-90f2-63d558c78b69

Timeline

Publicly Published

2023-11-06 (about 6 months ago)

Added

2023-11-06 (about 6 months ago)

Last Updated

2023-11-06 (about 6 months ago)

Other

Published

Title

Published

2021-10-21

Title

Catch Themes Demo Import < 1.8 - Admin+ Arbitrary File Upload

Published

2014-08-01

Title

Work The Flow File Upload < 2.4 - wp-admin/admin-ajax.php accept_file_types Parameter Manipulation File Upload Restriction Bypass

Published

2014-08-01

Title

Oxygen - Remote File Upload

Published

2015-04-09

Title

Windows Desktop And iPhone Photo Uploader <= 1.8 - File Upload

Published

2013-11-29

Title

OptimizePress Theme < 1.6 - Unauthenticated Arbitrary File Upload