WordPress Plugin Vulnerabilities

Simple File List < 3.2.8 - Unauthenticated Arbitrary File Download

Description

The plugin is vulnerable to Arbitrary File Download via the eeFile parameter found in the ~/includes/ee-downloader.php file due to missing controls which makes it possible unauthenticated attackers to supply a path to a file that will subsequently be downloaded

Affects Plugins

Plugin icon
simple-file-list
Fixed in 3.2.8

References

CVE
CVE-2022-1119
URL
https://www.wordfence.com/vulnerability-advisories/#CVE-2022-1119

Classification

Type
FILE DOWNLOAD
OWASP top 10
A1: Injection
CWE
CWE-552
CVSS
7.5 (high)

Miscellaneous

Original Researcher
Bernardo Rodrigues
Verified
No
WPVDB ID
5551038f-64fb-44d8-bea0-d2f00f04877e

Timeline

Publicly Published
2019-06-02 (about 5 years ago)
Added
2022-03-29 (about 2 years ago)
Last Updated
2022-04-13 (about 2 years ago)

Other

Published
Title
Published
2023-04-19
Title
KIWIZ Invoices Certification & PDF System <= 2.1.3 - Unauthenticated Arbitrary File Download
Published
2022-11-28
Title
Wholesale Market for WooCommerce < 1.0.8 - Admin+ Arbitrary File Download
Published
2023-07-20
Title
Jupiter X Core <= 2.5.0 - Unauthenticated Arbitrary File Download
Published
2022-08-01
Title
Lana Downloads Manager < 1.8.0 - Contributor+ Arbitrary File Download
Published
2024-04-03
Title
File Manager < 7.2.6 - Authenticated (Administrator+) Directory Traversal