WordPress Plugin Vulnerabilities

Autoptimize < 2.7.7 - Authenticated Arbitrary File Upload

Description

The ao_ccss_import AJAX call does not ensure that the file provided is a legitimate Zip file, allowing high privilege users to upload arbitrary files, such as PHP, leading to RCE.

Proof of Concept

Affects Plugins

Plugin icon
autoptimize
Fixed in 2.7.7

References

CVE
CVE-2020-24948
Exploitdb
48770

Miscellaneous

Original Researcher
Nguyen Van Khanh - SunCSR (Sun* Cyber Security Research)
Submitter
Nguyen Van Khanh
Submitter website
https://research.sun-asterisk.com/en
Verified
Yes
WPVDB ID
56dc9a8c-05ae-4881-a92e-e213eab866a0

Timeline

Publicly Published
2020-08-24 (about 5 years ago)
Added
2020-08-24 (about 5 years ago)
Last Updated
2020-09-04 (about 5 years ago)

Other

Published
Title
Published
2018-10-31
Title
GoUrl Bitcoin Payment Gateway < 1.4.14 - Shell Upload
Published
2014-08-01
Title
Lim4wp 1.1.1 - Arbitrary File Upload
Published
2025-10-17
Title
PPOM – Product Addons & Custom Fields for WooCommerce < 33.0.16 - Unauthenticated Arbitrary File Upload
Published
2025-08-12
Title
School Management <= 1.93.1 (02-07-2025) - Authenticated (Student+) Arbitrary File Upload
Published
2026-04-07
Title
Gerador de Certificados – DevApps <= 1.3.6 - Authenticated (Administrator+) Arbitrary File Upload