WP Photo Album Plus < 8.6.03.005 – Authenticated (Subscriber+) Arbitrary File Upload | CVE 2024-31286 | Plugin Vulnerabilities

Description

The WP Photo Album Plus plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the wppa_user_upload() function in all versions up to, and including, 8.6.03.004. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Affects Plugins

wp-photo-album-plus

Fixed in 8.6.03.005

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/80f7e161-b071-4cb1-8080-ff0ad926a5ca

Miscellaneous

Original Researcher

stealthcopter

Verified

No

WPVDB ID

8273aa26-0962-44f4-869e-2c52a8ce9d05

Timeline

Publicly Published

2024-04-05 (about 2 years ago)

Added

2024-04-10 (about 2 years ago)

Last Updated

2024-04-10 (about 2 years ago)

Other

Published

Title

Published

2023-05-31

Title

File Manager Advanced Shortcode <= 2.3.2 - Unauthenticated Remote Code Execution through shortcode

Published

2024-10-30

Title

Training – Courses <= 2.0.1 - Authenticated (Subscriber+) Arbitrary File Upload

Published

2019-06-06

Title

Crelly Slider <= 1.3.4 - Arbitrary File Upload

Published

2025-06-10

Title

WordPress Automatic Plugin - AI content generator and auto poster plugin < 3.116.0 - Authenticated (Author+) Arbitrary File Upload

Published

2020-07-28

Title

Comments - wpDiscuz 7.0.0 - 7.0.4 - Unauthenticated Arbitrary File Upload