WordPress Plugin Vulnerabilities

Download from files <= 1.48 - Unauthenticated Arbitrary File Upload

Description

The download_from_files_617_fileupload AJAX action f the plugin, available to both unauthenticated and authenticated users does not properly restrict the files to be uploaded, which could allow unauthenticated users to upload PHP4 files for example

Proof of Concept

Affects Plugins

Plugin icon
download-from-files
No known fix

References

Exploitdb
50287

Miscellaneous

Original Researcher
spacehen
Verified
Yes
WPVDB ID
8defc276-c5b0-447e-87d4-01c285051a6e

Timeline

Publicly Published
2021-09-13 (about 4 years ago)
Added
2021-09-13 (about 4 years ago)
Last Updated
2022-04-08 (about 4 years ago)

Other

Published
Title
Published
2024-12-06
Title
Import Export For WooCommerce <= 1.6.2 - Subscriber+ Arbitrary File Upload
Published
2023-11-01
Title
Icons Font Loader < 1.1.3 - Admin+ Arbitrary File Upload
Published
2024-11-20
Title
Pathomation <= 2.5.1 - Unauthenticated Arbitrary File Upload
Published
2019-02-14
Title
WP Cost Estimation < 9.644 - Arbitrary File Upload and Delete
Published
2026-03-18
Title
Widget Wrangler <= 2.3.9 - Authenticated (Author+) Remote Code Execution